CVSS: 6.4 • EPSS: 0% • CPEs: 3 • EXPL: 0

18 Jan 2024 — Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on an uncontrolled third-party server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-622q-xhfr-xmv7 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 2

18 Jan 2024 — Deck is a kanban-style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users could be tricked into executing malicious code that would execute in their browser via HTML sent as a comment. It is recommended that Nextcloud Deck is upgraded to version 1.9.5 or 1.11.2. There are no known workarounds for this vulnerability. • https://github.com/nextcloud/deck/commit/91f1557362047f8840f53151f176b80148650bcd • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 10.0 • EPSS: 0% • CPEs: 4 • EXPL: 0

18 Jan 2024 — Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector is upgraded to version 1.4.1, 2.1.2, 2.3.4 or 2.4.5. There are no known workarounds for this issue. • https://github.com/nextcloud/globalsiteselector/commit/ab5da57190d5bbc79079ce4109b6bcccccd893ee • CWE-306: Missing Authentication for Critical Function

CVSS: 10.0 • EPSS: 0% • CPEs: 7 • EXPL: 0

22 Dec 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4, as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4, when a (reverse) proxy is configured as a trusted proxy, the server could be tricked into reading a wrong remote address for an attacker, allowing them to execute more authentication attempts than intended. Nextcloud Server versions 26.0.9 and 27.1.4 and Nextcloud Ent... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5j2p-q736-hw98 • CWE-307: Improper Restriction of Excessive Authentication Attempts

CVSS: 5.5 • EPSS: 0% • CPEs: 7 • EXPL: 0

22 Dec 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server prior to versions 26.0.9 and 27.1.4, as well as Nextcloud Enterprise Server prior to versions 23.0.12.13, 24.0.12.9, 25.0.13.4, 26.0.9, and 27.1.4, when an attacker manages to get access to an active session of another user by some other means, they could delete and modify workflows by sending calls directly to the API, bypassing the password confirmation shown in the UI. Nextcloud Server versions 26.0.9 and ... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-3f8p-6qww-2prr • CWE-284: Improper Access Control • CWE-287: Improper Authentication

CVSS: 4.6 • EPSS: 0% • CPEs: 1 • EXPL: 0

22 Dec 2023 — The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4-digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workarounds are available. • https://github.com/nextcloud/ios/pull/2665 • CWE-287: Improper Authentication

CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

21 Dec 2023 — Nextcloud/Cloud is a calendar app for Nextcloud. An attacker can gain access to the stack trace and internal paths of the server when generating an exception while editing a calendar appointment. It is recommended that the Nextcloud Calendar app is upgraded to 4.5.3. • https://github.com/nextcloud/calendar/pull/5553 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer • CWE-1258: Exposure of Sensitive System Information Due to Uncleared Debug Information

CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

21 Nov 2023 — Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform an SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for this issue. As a workaround, disable the mail app. • https://github.com/nextcloud/mail/pull/8709 • CWE-918: Server-Side Request Forgery (SSRF)

CVSS: 10.0 • EPSS: 0% • CPEs: 9 • EXPL: 1

21 Nov 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Enterprise Server, the DNS pin middleware was vulnerable to DNS rebinding allowing an attacker to perform SSRF as a final result. Nextcloud Server 25.0.11, 26.0.6, and 27.1.0 and Nextcloud Enterprise S... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8f69-f9jg-4x3v • CWE-918: Server-Side Request Forgery (SSRF)

CVSS: 4.4 • EPSS: 0% • CPEs: 6 • EXPL: 2

21 Nov 2023 — Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the user_ldap app logged user passwords in plaintext into the log file. If the log file was then leaked or shared in any way, the users' passwords would be leaked. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.11, 26.0.6, and 27.1.0 contain a p... • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-35p6-4992-w5fr • CWE-312: Cleartext Storage of Sensitive Information