CVE-2021-22877

Published March 3rd, 2021

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

5.5

MEDIUM

Affected

PROJECT

Description

A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet.

nextcloud/server

☁️ Nextcloud server, a safe home for all your data

GitHub

35.9K