PT-2024-35347 · Nextcloud · Nextcloud Tables
Arianitisufi
·
Published
2024-11-15
·
Updated
2025-10-01
·
CVE-2024-52507
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Nextcloud Tables versions prior to 0.8.1
Description
The issue concerns the sharing of table information in Nextcloud Tables, where the details about which table (identified by a numeric ID) is shared with specific groups and users, along with the respective permissions, were not properly restricted to affected users.
Recommendations
For versions prior to 0.8.1, upgrade the Nextcloud Tables app to version 0.8.1 to resolve the issue.
Exploit
Fix
IDOR
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nextcloud Tables