Lukasreschke

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 28.0.11 Nextcloud Server versions prior to 29.0.8 Nextcloud Server versions prior to 30.0.1 Nextcloud Enterprise Server versions prior to 25.0.13.13 Nextcloud Enterprise Server versions prior to 26.0.13.9 Nextcloud Enterprise Server versions prior to 27.1.11.9 Nextcloud Enterprise Server versions prior to 28.0.11 Nextcloud Enterprise Server versions prior to 29.0.8 Nextcloud Enterprise Server versions prior to 30.0.1 **Description** The issue allows a malicious user to download attachments referenced in text files without providing a password after receiving a "Files drop" or "Password protected" share link. **Recommendations** Upgrade Nextcloud Server to version 28.0.11 Upgrade Nextcloud Server to version 29.0.8 Upgrade Nextcloud Server to version 30.0.1 Upgrade Nextcloud Enterprise Server to version 25.0.13.13 Upgrade Nextcloud Enterprise Server to version 26.0.13.9 Upgrade Nextcloud Enterprise Server to version 27.1.11.9 Upgrade Nextcloud Enterprise Server to version 28.0.11 Upgrade Nextcloud Enterprise Server to version 29.0.8 Upgrade Nextcloud Enterprise Server to version 30.0.1

**Name of the Vulnerable Software and Affected Versions** user oidc app versions prior to 3.0.0 user oidc app versions prior to 4.0.0 user oidc app versions prior to 5.0.0 **Description** The issue is related to missing access control on the ID4me endpoint, allowing an attacker to register an account and potentially gain access to data available to all registered users. **Recommendations** For versions prior to 3.0.0, upgrade to version 3.0.0 or later. For versions prior to 4.0.0, upgrade to version 4.0.0 or later. For versions prior to 5.0.0, upgrade to version 5.0.0 or later.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Talk versions prior to 14.0.9 Nextcloud Talk versions prior to 15.0.4 **Description** The issue arises from the talk app not properly filtering access to a conversation's member list. This allows an attacker to gain information about the members of a Talk conversation, even if they are not members themselves. **Recommendations** For versions prior to 14.0.9, upgrade to 14.0.9. For versions prior to 15.0.4, upgrade to 15.0.4. As a temporary workaround, consider restricting access to the conversation member list until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 20.0.13 Nextcloud Server versions prior to 21.0.5 Nextcloud Server versions prior to 22.2.0 **Description** Nextcloud is an open-source, self-hosted productivity platform. The Two-Factor Authentication wasn't enforced for pages marked as `@PublicPage`. This could be leveraged to gain access to any private chat channel without going through the Two-Factor flow, particularly affecting the Nextcloud Talk application. **Recommendations** For versions prior to 20.0.13, upgrade to 20.0.13. For versions prior to 21.0.5, upgrade to 21.0.5. For versions prior to 22.2.0, upgrade to 22.2.0. As a temporary workaround, consider restricting access to pages marked as `@PublicPage` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Richdocuments versions prior to 3.8.4 Nextcloud Richdocuments versions prior to 4.2.1 **Description** Nextcloud Richdocuments is an open source collaborative office suite. In affected versions, there is a lack of rate limiting on the "Richdocuments OCS endpoint". This may have allowed an attacker to enumerate potentially valid share tokens. **Recommendations** For versions prior to 3.8.4, upgrade to version 3.8.4 to resolve the issue. For versions prior to 4.2.1, upgrade to version 4.2.1 to resolve the issue. For users unable to upgrade, disable the Richdocuments application as a temporary workaround.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 11.0.3 **Description** The issue is related to a logical error that leads to the disclosure of valid share tokens for public calendars. This could potentially allow an attacker to access publicly shared calendars without knowing the share token. **Recommendations** For versions prior to 11.0.3, update to version 11.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to publicly shared calendars until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 10.0.1 ownCloud Server versions prior to 9.0.6 and 9.1.2 **Description** The issue concerns a Stored XSS in the CardDAV image export functionality. This functionality allows the download of images stored within a vCard. Due to the lack of verification on the image content, it is prone to a stored Cross-Site Scripting attack. **Recommendations** For Nextcloud Server versions prior to 10.0.1, update to version 10.0.1 or later. For ownCloud Server versions prior to 9.0.6, update to version 9.0.6 or later. For ownCloud Server version 9.1, update to version 9.1.2 or later.