Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Calendar app allowed booking appointments without the generated token
Vulnerability Description
Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.19, 5.5.6, and 6.0.1, the calendar app allowed blindly booking appointments with a squential ID without known the appointment token. This vulnerability is fixed in 4.7.19, 5.5.6, and 6.0.1.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Nextcloud Calendar 安全漏洞
Vulnerability Description
Nextcloud Calendar是Nextcloud开源的一个日历应用程序。 Nextcloud Calendar 4.7.19之前版本、5.5.6之前版本和6.0.1之前版本存在安全漏洞,该漏洞源于日历应用允许盲目预订会议,可能导致未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A