Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such as text files or images, without prior sharing permissions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nextcloud Server 安全漏洞
Vulnerability Description
Nextcloud Server是Nextcloud开源的一个Nextcloud服务器程序。 Nextcloud Server 30.0.0版本存在安全漏洞,该漏洞源于/core/preview端点存在不安全的直接对象引用,可能导致未授权访问敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A