CVE-2023-30540

Name of the Vulnerable Software and Affected Versions Nextcloud Talk versions prior to 15.0.5

Description The issue allows a user added later to a conversation to access data that was deleted before they were added. This is a problem in Nextcloud Talk, a chat, video, and audio call extension for Nextcloud.

Recommendations For versions prior to 15.0.5, upgrade to version 15.0.5 to resolve the issue. As a temporary workaround, consider restricting access to conversations that contain sensitive or deleted data until the upgrade is applied.