3 matches found
CVE-2023-33184 Blind SSRF in the Nextcloud Mail app on avatar endpoint
Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...
CVE-2023-33184 Blind SSRF in the Nextcloud Mail app on avatar endpoint
Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...
CVE-2023-33184
CVE-2023-33184 affects the Nextcloud Mail app in Nextcloud. A blind SSRF on the avatar endpoint could cause the app to send GET requests to internal services on the same web server. The available references indicate fixes are in Nextcloud Mail updates: v3.02, v2.2.5, or v1.15.3. There is no docum...