CVE-2021-39222
Nextcloud Talk is affected by a stored XSS vulnerability in the Talk component of Nextcloud. The issue can be triggered by right-clicking a malicious file and opening it in a new tab, but exploitation is mitigated on modern browsers due to Content-Security-Policy (CSP). Remediation is to upgrade ...