Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Exposure of Private Personal Information to an Unauthorized Actor in Nextcloud Talk
Vulnerability Description
Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
侵犯隐私
Vulnerability Title
Nextcloud Talk 信息泄露漏洞
Vulnerability Description
Nextcloud Talk是德国Nextcloud公司的一款自托管的本地音频/视频和聊天通信服务。 Nextcloud Talk 13.0.0至13.0.4版本存在信息泄露漏洞,该漏洞允许远程攻击者访问潜在的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A