Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user.
5.3CVSS
5.1AI Score
0.001EPSS
Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack.
7.4CVSS
7.1AI Score
0.001EPSS