Noumar

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 12.0.8 Nextcloud Server versions prior to 13.0.3 **Description** The issue is related to improper authentication on the `OAuth2 token endpoint`. It involves missing checks that could potentially allow handing out new tokens if the `OAuth2 client` was partly compromised. **Recommendations** For versions prior to 12.0.8, update to version 12.0.8 or later. For versions prior to 13.0.3, update to version 13.0.3 or later.