CVE-2021-22896

Published June 11th, 2021

View on NVD ↗

CVSS v3

4.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECTS

Description

Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.

nextcloud/security-advisories

👮 Security advisories of Nextcloud

GitHub

nextcloud/mail

💌 Mail app for Nextcloud

GitHub

992