3 matches found
CVE-2021-41256
nextcloud news-android is an Android client for the Nextcloud news/feed reader app. In affected versions the Nextcloud News for Android app has a security issue by which a malicious application installed on the same device can send it an arbitrary Intent that gets reflected back, unintentionally...
CVE-2021-41256 Intent URI permissions manipulation in nextcloud news-android
nextcloud news-android is an Android client for the Nextcloud news/feed reader app. In affected versions the Nextcloud News for Android app has a security issue by which a malicious application installed on the same device can send it an arbitrary Intent that gets reflected back, unintentionally...
CVE-2021-41256
CVE-2021-41256 affects the Nextcloud News for Android client. A local attacker on the same device can craft an Intent that is reflected back, enabling read/write access to non-exported Content Providers. Affected users should upgrade to Nextcloud News for Android 0.9.9.63 or higher. The CVE entry...