2 matches found
SUSE CVE-2022-31014
Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk here is that the attacker can then hijack an...
CVE-2022-31014
CVE-2022-31014 affects Nextcloud Server; SMTP command injection via iCalendar attachments through newline handling. Affected versions are Nextcloud Server up to 22.2.7/8, 23.x up to 23.0.5, and 24.x up to 24.0.1 (per sources). The root cause is insufficient sanitization of newline characters in S...