CVE-2023-25820
CVE-2023-25820 affects Nextcloud Server and Enterprise Server: if an attacker gains access to an already logged-in user session, they can brute-force the password on the confirmation endpoint. Affected ranges and patches per sources include Nextcloud Server 24.0.x < 24.0.10 and 25.0.x < 25....