Количество 2
Количество 2
CVE-2025-66554
Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing. Prior to 5.5.4, 6.0.6, and 7.2.5, a malicious user was able to modify their organisation and title field to load additional CSS files. Javascript and other options were correctly blocked by the content security policy of the Nextcloud Server code. This vulnerability is fixed in 5.5.4, 6.0.6, and 7.2.5.
ROS-20260129-73-0050
Уязвимость nextcloud-app-contacts
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-66554 Contacts app for Nextcloud easily syncs contacts from various devices with your Nextcloud and allows editing. Prior to 5.5.4, 6.0.6, and 7.2.5, a malicious user was able to modify their organisation and title field to load additional CSS files. Javascript and other options were correctly blocked by the content security policy of the Nextcloud Server code. This vulnerability is fixed in 5.5.4, 6.0.6, and 7.2.5. | CVSS3: 3.5 | 0% Низкий | 2 месяца назад |
 | ROS-20260129-73-0050 Уязвимость nextcloud-app-contacts | CVSS3: 5.4 | 0% Низкий | 12 дней назад |
Уязвимостей на страницу