CVE-2023-48301

CVSS V2 None CVSS V3 None
Description
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clicking the circle name in a search filter. Nextcloud Server and Nextcloud Enterprise Server versions 25.0.13, 26.0.8, and 27.1.3 contain a fix for this issue. As a workaround, disable app circles.
Overview
  • CVE ID
  • CVE-2023-48301
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-11-21T21:26:21.288Z
  • Last Modified Date
  • 2023-11-21T21:26:21.288Z
History
Created Old Value New Value Data Type Notes
2024-06-24 23:31:31 Added to TrackCVE