Описание
Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.9.5 (исключая)
cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00409
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862
CWE-862
EPSS
Процентиль: 61%
0.00409
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-862
CWE-862