Nextcloud: Credential Disclosure via Unvalidated directDownloadUrl (Missing DontAddCredentialsAttribute)

The Nextcloud Desktop Client was found to automatically include user credentials Authorization header with username and password in Base64 when downloading files via the "directDownloadUrl" feature. This allowed a malicious Nextcloud server to specify an attacker-controlled URL, causing the clien...