Описание
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available.
Ссылки
- Issue TrackingPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.11 (исключая)Версия от 1.4.0 (включая) до 1.4.6 (исключая)Версия от 1.5.0 (включая) до 1.5.4 (исключая)
Одно из
cpe:2.3:a:nextcloud:deck:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:deck:*:*:*:*:*:*:*:*
cpe:2.3:a:nextcloud:deck:*:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00269
Низкий
3.5 Low
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
CWE-209
EPSS
Процентиль: 50%
0.00269
Низкий
3.5 Low
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
CWE-209