Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Error in calendar when booking an appointment reveals the full path of the website
Vulnerability Description
Calendar app for Nextcloud easily sync events from various devices with your Nextcloud. Some internal paths of the website are disclosed when the SMTP server is unavailable. It is recommended that the Calendar app is updated to 3.5.5 or 4.2.3
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制不恰当
Vulnerability Title
Nextcloud Calendar 安全漏洞
Vulnerability Description
Nextcloud是德国Nextcloud公司的一套开源的自托管文件同步和共享的通信应用平台。 Nextcloud Calendar v4.2.2及之前版本、v3.5.4及之前版本存在安全漏洞,该漏洞源于当 SMTP 服务器不可用时,网站的某些内部路径会被泄露。
CVSS Information
N/A
Vulnerability Type
N/A