Julien-Nc

**Name of the Vulnerable Software and Affected Versions** Nextcloud versions 6.1.0 through 8.2.1 **Description** An attacker can craft malicious links that redirect users to an external website when the victim attempts to log in using OpenID Connect (OIDC), a protocol used for authentication. **Recommendations** Update to version 8.2.2.

**Name of the Vulnerable Software and Affected Versions** Nextcloud mail versions prior to 1.12.2 **Description** The issue concerns missing user account ownership checks when performing tasks related to mail attachments in Nextcloud mail, potentially exposing attachments to incorrect system users. **Recommendations** For versions prior to 1.12.2, upgrade the Nextcloud Mail app to 1.12.2, as there are no known workarounds for this issue.