A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Nextcloud_server | Nextcloud | * | 14.0.0 (excluding) |