2 matches found
CVE-2021-32652
CVE-2021-32652 affects Nextcloud Mail prior to versions 1.4.3 and 1.8.2, where a missing permission check allows an authenticated user to access mail metadata of other users. Public sources consistently state that versions 1.4.3 and 1.8.2 include patches; no workarounds beyond upgrading are known...
CVE-2021-32652 Missing permission check on email metadata retrieval
Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the...