An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nextcloud nextcloud server |
||
opensuse backports sle 15.0 |
||
novell suse linux enterprise server 12.0 |