Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
User without download rights can download older version of that file in nextcloud server
Vulnerability Description
Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Nextcloud 访问控制错误漏洞
Vulnerability Description
Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。 Nextcloud server存在访问控制错误漏洞,该漏洞源于不能够下载文件的用户仍然可以下载旧版本。
CVSS Information
N/A
Vulnerability Type
N/A