CVE-2021-22895

Published June 11th, 2021

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECTS

Description

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

nextcloud/security-advisories

👮 Security advisories of Nextcloud

GitHub

nextcloud/desktop

💻 Desktop sync client for Nextcloud

GitHub

3.73K