2 matches found
CVE-2021-22896
Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users...
CVE-2021-22896
CVE-2021-22896 affects Nextcloud Mail prior to 1.9.5, where a missing permission check allows other authenticated users to create mail aliases for other users. The issue is an access-control error in Nextcloud Mail (1.9.5 and earlier). Impact notes: attackers could create aliases for existing mai...