Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/03/31 10:10 p.m.9 views

CVE-2023-28844 User without download rights can download older version of that file in nextcloud server

Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to...

5.7CVSS6.3AI score0.0062EPSS
Exploits0References2
OSV
OSV
added 2023/03/31 10:10 p.m.22 views

CVE-2023-28844 User without download rights can download older version of that file in nextcloud server

Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to...

5.7CVSS6.3AI score0.0062EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/03/31 10:10 p.m.32 views

CVE-2023-28844 User without download rights can download older version of that file in nextcloud server

Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to...

5.7CVSS6.5AI score0.0062EPSS
Exploits0References2
CVE
CVE
added 2023/03/31 10:10 p.m.74 views

CVE-2023-28844

CVE-2023-28844 affects Nextcloud Server; an access-control error allows users who should not download a file to retrieve an older version and distribute it. Affected versions were prior to 24.0.10 and prior to 25.0.4. The issue is mitigated by upgrading to Nextcloud Server 24.0.10 or 25.0.4 (or l...

6.5CVSS5.8AI score0.0062EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder