4992 matches found
Admins can change authentication details of user configured external storage
None...
Nextcloud Security Breach
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server, Nextcloud Enterprise Server versions prior to 25.0.11, 26.0.6, and 27.1.0, which stems from a userldap...
Nextcloud Security Breach
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud Server versions prior to 25.0.11, 26.0.6, and 27.1.0, as well as Nextcloud Enterprise Server versions prior to...
PT-2023-30769 · Nextcloud · Nextcloud Mail
Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions 1.13.0 through 2.2.7 Nextcloud Mail versions 2.2.8 is not affected, but versions prior to 3.3.0 are affected, so the correct range is: Nextcloud Mail versions 1.13.0 through 3.2.x Description: Nextcloud Mail is the mai...
Nextcloud Security Breach
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that originated from allowing an attacker to make external storage mount points inaccessible to other...
Nextcloud Security Breach
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from a cross-site scripting XSS vulnerability that allows an attacker to trick a user into...
Nextcloud Code Issues Vulnerabilities
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud Mail versions prior to 2.2.8 and prior to 3.3.0, which can be exploited by an attacker to perform a...
PT-2023-8885 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions 27.0.0 through 27.1.2 Description: The issue is related to the rendering of HTML code without markup when a user...
PT-2023-8884 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.10 Nextcloud Server versions 26.0.0 through 26.0.5 Nextcloud Server versions 27.0.0 through 27.0.1 Nextcloud Enterprise Server versions 25.0.0 through 25.0.10 Nextcloud Enterprise Server versions...
PT-2023-8432 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.10 Nextcloud Server versions 26.0.0 through 26.0.5 Nextcloud Server versions prior to 27.1.0 Nextcloud Enterprise Server versions 22.0.0 through 22.2.10.15 Nextcloud Enterprise Server versions...
PT-2023-8882 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions prior to 27.1.3 Nextcloud Enterprise Server versions 20.0.0 through 20.0.14.15 Nextcloud Enterprise Server versions...
PT-2023-8883 · Nextcloud +2 · Nextcloud Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.10 Nextcloud Server versions 26.0.0 through 26.0.5 Nextcloud Server versions 27.0.0 through 27.0.0 Nextcloud Enterprise Server versions 22.0.0 through 22.2.10.15 Nextcloud Enterprise Server versio...
Nextcloud Code Issues Vulnerabilities
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A code issue exists in Nextcloud Server versions prior to 25.0.11, 26.0.6, and 27.1.0, as well as Nextcloud Enterprise Server versions prior to 22.2.10.16,...
Nextcloud Security Breach
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud Server that originates from allowing an attacker to inject HTML code in the search UI. Affected products and...
Nextcloud Security Breach
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server, Nextcloud Enterprise Server versions prior to 25.0.11, 26.0.6, and 27.1.0, which originates from an...
PT-2023-8886 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions 27.0.0 through 27.1.2 Description: The issue is related to improper neutralization of input during web page generation,...
PT-2023-8433 · Nextcloud +1 · Nextcloud Enterprise Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.10 Nextcloud Server versions 26.0.0 through 26.0.5 Nextcloud Server versions 27.0.0 through 27.0.0 prior to 27.1.0 Nextcloud Enterprise Server versions 25.0.0 through 25.0.10 Nextcloud Enterprise...
Nextcloud: Notes app can be tricked into using a received share created before the user logged in
The Nextcloud Notes app was found to be vulnerable to a security issue that allowed it to be tricked into using a received share created before the user logged in...
Nextcloud: Improper handling of request URLs in nextcloud/guests allows guest users to bypass app allowlist
Improper handling of request URLs allowed guest users to bypass application allowlist in Nextcloud guests app...
Nextcloud: Non-admin users can reset app allowlist to the default
A vulnerability was disclosed where non-administrative users could reset the application allowlist to the default state. This could have allowed malicious apps to be installed...