SUSE CVE-2022-24889

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 21.0.8, 22.2.4, and 23.0.1, it is possible to trick administrators into enabling "recommended" apps for the Nextcloud server that they do not need, thus expanding their attack surfac...

Force an admin to install recommended applications

None...

PT-2022-16959 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 21.0.8 Nextcloud Server versions prior to 22.2.4 Nextcloud Server versions prior to 23.0.1 Description: The issue allows attackers to trick administrators into enabling unnecessary "recommended" apps for the...