Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Mail app does not respect download permissions in shares
Vulnerability Description
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
Nextcloud Mail 访问控制错误漏洞
Vulnerability Description
Nextcloud Mail是德国Nextcloud公司的一个电子邮件。 Nextcloud Mail存在访问控制错误漏洞,该漏洞源于允许将没有下载权限的共享文件作为附件附加。
CVSS Information
N/A
Vulnerability Type
N/A