Nextcloud 访问控制错误漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud office/richdocuments, which stems from the ability to spoof the Collabora integration so that permission...

CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments

richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...