Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Server users can modify tags on files that do not belong to them
Vulnerability Description
Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
通过用户控制密钥绕过授权机制
Vulnerability Title
Nextcloud Server 安全漏洞
Vulnerability Description
Nextcloud Server是Nextcloud开源的一个Nextcloud服务器程序。 Nextcloud Server 31.0.1之前版本存在安全漏洞,该漏洞源于非特权用户可通过批量标记修改文件标签,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A