关键信息 1. 漏洞描述: - 标题: User can copy locked folders and gain access to the contents - 报告人: maccs - 报告时间: April 4, 2024, 3:52pm UTC 2. 漏洞详情: - 漏洞类型: Improper Access Control - Generic - 严重性: Medium (4.1) - 漏洞链接: Security advisory 3. 报告状态: - 报告状态: Resolved - 披露时间: November 16, 2024, 9:14am UTC 4. 奖励: - 奖励金额: $500 5. CVE编号: - CVE编号: CVE-2024-52514 6. 参与人员: - 报告人: maccs - 报告对象: Nextcloud - 参与者: Nextcloud staff 7. 时间线: - 提交报告: April 4, 2024, 3:52pm UTC - 状态变更: April 4, 2024, 3:53pm UTC (Triaged) - 状态变更: April 4, 2024, 4:48pm UTC (Resolved) - 奖励发放: April 30, 2024, 7:49am UTC - 请求披露: 2 days ago - 同意披露: 8 hours ago 总结 这个漏洞报告描述了一个用户可以复制锁定的文件夹并获取其内容的漏洞。漏洞被标记为中等严重性,并且已经由Nextcloud修复并披露。报告人maccs获得了$500的奖励。时间线显示了漏洞报告、状态变更、奖励发放等关键事件。