Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/css_optimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet ...
9.8CVSS
9.5AI Score
0.002EPSS
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for t...
9.8CVSS
9.3AI Score
0.001EPSS