GO-2026-4447 OpenCloud Affected by Public Link Exploit in github.com/opencloud-eu/opencloud

OpenCloud Affected by Public Link Exploit in github.com/opencloud-eu/opencloud. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, plea...

GO-2026-4444 OpenCloud Reva has a Public Link Exploit in github.com/opencloud-eu/reva

OpenCloud Reva has a Public Link Exploit in github.com/opencloud-eu/reva...

OpenCloud Affected by Public Link Exploit

Impact A security issue was discovered in Reva that enables a malicious user to bypass the scope validation of a public link. That allows it to access resources outside the scope of a public link. OpenCloud uses Reva as one of its core components and thus it is affected. Patches Update to OpenClo...

GHSA-VF5J-R2HW-2HRW OpenCloud Affected by Public Link Exploit

Impact A security issue was discovered in Reva that enables a malicious user to bypass the scope validation of a public link. That allows it to access resources outside the scope of a public link. OpenCloud uses Reva as one of its core components and thus it is affected. Patches Update to OpenClo...

CVE-2025-65516

Summary: CVE-2025-65516 is a stored XSS affecting Seafile Community Edition before 13.0.12 when using the Golang file server. An attacker can upload a crafted SVG containing malicious JavaScript and share it via a public link; opening that link triggers script execution in the victim’s browser. A...