1 results (0.003 seconds)
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0
CVE-2024-37314 – Nextcloud Photos' shared albums have no restriction on photo removal
https://notcve.org/view.php?id=CVE-2024-37314
Nextcloud Photos is a photo management app. Users can remove photos from the album of registered users. It is recommended that the Nextcloud Server is upgraded to 25.0.7 or 26.0.2 and the Nextcloud Enterprise Server is upgraded to 25.0.7 or 26.0.2. Nextcloud Photos es una aplicación de gestión de fotografías. Los usuarios pueden eliminar fotos del álbum de usuarios registrados. • https://github.com/nextcloud/photos/pull/1749 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-9chh-5prm-wp43 https://hackerone.com/reports/1946298 • CWE-284: Improper Access Control •