Nextcloud · Nextcloud · CVE-2021-22877
**Name of the Vulnerable Software and Affected Versions**
Nextcloud versions prior to 20.0.6
**Description**
A missing user check in Nextcloud inadvertently populates a user's own credentials for other users' external storage configuration when not already configured yet.
**Recommendations**
For Nextcloud versions prior to 20.0.6, update to version 20.0.6 or later to resolve the issue. As a temporary workaround, consider restricting access to external storage configurations to minimize the risk of exploitation.