Mail Security Vulnerabilities and Issues — Mail CVE List

Lucene search

NextcloudMail

3 matches found

CVE•added 2023/02/06 9:15 p.m.•56 views

CVE-2023-23943

Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgra...

5CVSS4.4AI score0.00351EPSS

CVE•added 2023/02/06 8:15 p.m.•48 views

CVE-2023-23944

Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. Any attacker or malicious user with access to the database would have access to these user passw...

6.5CVSS5AI score0.00457EPSS

CVE•added 2023/02/13 9:15 p.m.•46 views

CVE-2023-25160

Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nex...

5.3CVSS4.8AI score0.00195EPSS