Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Permission bypass in Nextcloud Android App
Vulnerability Description
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may view image thumbnails for images it does not have permission to view. Version 3.17.1 contains a patch. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
缺省权限不正确
Vulnerability Title
Nextcloud Android app 信息泄露漏洞
Vulnerability Description
Nextcloud Android app是德国Nextcloud公司的一款基于Android平台,用于访问Nextcloud服务器的移动应用程序。 Nextcloud Android app 存在安全漏洞,该漏洞源于 3.17.1 之前版本中的问题可能导致敏感信息泄露。 未经授权的应用如果没有其他所需的“MANAGE_DOCUMENTS”权限,则可以查看其无权查看的图像的图像缩略图。
CVSS Information
N/A
Vulnerability Type
N/A