Root1856

**Name of the Vulnerable Software and Affected Versions** Nextcloud versions 0.7.0 through 0.7.6 Nextcloud versions 0.8.0 through 0.8.9 Nextcloud versions 0.9.0 through 0.9.7 Nextcloud versions 1.0.0 through 1.0.3 **Description** An authenticated attacker with access to the Tables app can execute arbitrary SQL queries through a stored injection. While queries are typically limited to 20 bytes, carefully crafted input can bypass this length restriction. This allows the attacker to extract information from the database or modify data. **Recommendations** Update to version 0.7.7 for versions 0.7.0 through 0.7.6. Update to version 0.8.10 for versions 0.8.0 through 0.8.9. Update to version 0.9.8 for versions 0.9.0 through 0.9.7. Update to version 1.0.4 for versions 1.0.0 through 1.0.3.