Published: 17/04/2023 Updated: 27/04/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

Subscribe to Nextcloud Files Automated Tagging

Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that the Nextcloud Server is upgraded to 24.0.11 or 25.0.5, the Nextcloud Enterprise Server to 21.0.9.11, 22.2.10.11, 23.0.12.6, 24.0.11 or 25.0.5, and the Nextcloud Files automated tagging app to 1.11.1, 1.12.1, 1.13.1, 1.14.2, 1.15.3 or 1.16.1. Users unable to upgrade should disable all workflow related apps. Users are advised to upgrade.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nextcloud nextcloud files automated tagging 1.12.0
nextcloud nextcloud files automated tagging 1.13.0
nextcloud nextcloud files automated tagging
nextcloud nextcloud files automated tagging 1.16.0
nextcloud nextcloud files automated tagging 1.11.0
nextcloud nextcloud server

NVD-CWE-noinfo https://github.com/nextcloud/security-advisories/security/advisories/GHSA-3m2f-v8x7-9w99 https://hackerone.com/reports/1895976 https://github.com/nextcloud/server/pull/37252 https://github.com/nextcloud/files_automatedtagging/pull/705 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-30539

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect