CVE-2023-25150 – Document content of files can be obtained through Collabora for files of other users
https://notcve.org/view.php?id=CVE-2023-25150
Nextcloud office/richdocuments is an office suite for the Nextcloud server platform. In affected versions the Collabora integration can be tricked into providing access to any file without proper permission validation. As a result, any user with access to Collabora can obtain the content of other users' files. It is recommended that the Nextcloud Office App (Collabora Integration) is updated to 7.0.2 (Nextcloud 25), 6.3.2 (Nextcloud 24), 5.0.10 (Nextcloud 23), 4.2.9 (Nextcloud 21-22), or 3.8.7 (Nextcloud 15-20). There are no known workarounds for this issue.
• https://github.com/nextcloud/richdocuments/pull/2669
• https://github.com/nextcloud/security-advisories/security/advisories/GHSA-64xc-r58v-53gj
• https://hackerone.com/reports/1788222
• CWE-284: Improper Access Control
• CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2022-31024 – Federated editing allows iframing remote servers by default in richdocuments
https://notcve.org/view.php?id=CVE-2022-31024
richdocuments is the repository for Nextcloud Collabora, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fix for this issue. There are currently no known workarounds available.
• https://github.com/nextcloud/richdocuments/pull/2161
• https://github.com/nextcloud/security-advisories/security/advisories/GHSA-94hr-7g4v-f53r
• https://hackerone.com/reports/1210424
• CWE-284: Improper Access Control
• CWE-346: Origin Validation Error
CVE-2021-39223 – File path disclosure of shared files in Richdocuments application
https://notcve.org/view.php?id=CVE-2021-39223
Nextcloud is an open-source, self-hosted productivity platform. The Nextcloud Richdocuments application prior to versions 3.8.6 and 4.2.3 returned verbatim exception messages to the user. This could result in a full path disclosure on shared files (e.g. an attacker could see that the file `shared.txt` is located within `/files/$username/Myfolder/Mysubfolder/shared.txt`). It is recommended that the Richdocuments application is upgraded to 3.8.6 or 4.2.3.
• https://github.com/nextcloud/richdocuments/pull/1760
• https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rjcc-4cgj-6v93
• https://hackerone.com/reports/1253460
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-37629 – Lack of ratelimit on Richdocuments OCS endpoint in nextcloud
https://notcve.org/view.php?id=CVE-2021-37629
Nextcloud Richdocuments is an open source collaborative office suite. In affected versions there is a lack of rate limiting on the Richdocuments OCS endpoint. This may have allowed an attacker to enumerate potentially valid share tokens. It is recommended that the Nextcloud Richdocuments app is upgraded to either 3.8.4 or 4.2.1 to resolve this issue. For users unable to upgrade, it is recommended that the Richdocuments application be disabled.
• https://github.com/nextcloud/richdocuments/pull/1663
• https://github.com/nextcloud/security-advisories/security/advisories/GHSA-gvvr-h36p-8mjx
• https://hackerone.com/reports/1258750
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2021-37628 – File Drop can be bypassed using Richdocuments app in nextcloud
https://notcve.org/view.php?id=CVE-2021-37628
Nextcloud Richdocuments is an open source collaborative office suite. In affected versions the File Drop feature ("Upload Only" public link shares in Nextcloud) can be bypassed using the Nextcloud Richdocuments app. An attacker was able to read arbitrary files in such a share. It is recommended that the Nextcloud Richdocuments app is upgraded to 3.8.4 or 4.2.1. If upgrading is not possible, it is recommended to disable the Richdocuments application.
• https://github.com/nextcloud/richdocuments/pull/1664
• https://github.com/nextcloud/security-advisories/security/advisories/GHSA-pxhh-954f-8w7w
• https://hackerone.com/reports/1253403
• CWE-639: Authorization Bypass Through User-Controlled Key