The vulnerability of cloud-based software for creating and using Nextcloud data storage solutions is related to improper access control, which allows a hacker to change user passwords.

The vulnerability of cloud-based software for creating and using Nextcloud storage solutions is related to the absence of password confirmation for users who access the system. Exploiting this vulnerability can allow attackers to change user passwords...

SUSE CVE-2023-39963

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 20.0.0 and prior to versions 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, a missing password confirmation allowed an attacker, after successfully steali...

PT-2023-5257 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 20.0.0 through 20.0.14.14 Nextcloud Server versions 21.0.0 through 21.0.9.12 Nextcloud Server versions 22.0.0 through 22.2.10.13 Nextcloud Server versions 23.0.0 through 23.0.12.7 Nextcloud Server versions 24.0.0...