Nextcloud: Calendar attachments of local files are offered to downloaded

A security vulnerability in calendar attachments of local files was discovered, where users were offered to download the attachments...

CVE-2016-5740

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. Th...