Nextcloud · User Oidc · CVE-2026-45156
**Name of the Vulnerable Software and Affected Versions**
Nextcloud versions 0.3.0 through 3.0.x
Nextcloud versions 5.0.0 through 5.0.x
Nextcloud versions 6.0.0 through 6.3.x
**Description**
Missing signature verification in User OIDC allows a malicious ID4me authority to identify as any user. This occurs because the signature of the JWT (JSON Web Token), a standard for securely transmitting information between parties as a JSON object, is not verified.
**Recommendations**
Update versions 0.3.0 through 3.0.x to version 3.1.0.
Update versions 5.0.0 through 5.0.x to version 5.1.0.
Update versions 6.0.0 through 6.3.x to version 6.4.0.