Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners
Vulnerability Description
Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This vulnerability is fixed in 1.14.6 and 1.15.2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
访问控制不恰当
Vulnerability Title
Nextcloud Desktop Client 访问控制错误漏洞
Vulnerability Description
Nextcloud Desktop Client是Nextcloud GmbH的一个开源的文件同步和共享工具。 Nextcloud Desktop Client 1.14.6之前版本和1.15.2之前版本存在访问控制错误漏洞,该漏洞源于权限逻辑错误,可能导致共享权限被滥用。
CVSS Information
N/A
Vulnerability Type
N/A