Vulnerabilities > CVE-2022-31132 - Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Mail

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

nextcloud

CWE-918

critical

NVD

Published: 2022-08-04

Updated: 2022-08-10

Summary

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at `./vendor/cerdic/css-tidy/css_optimiser.php`

Vulnerable Configurations

Part	Description	Count
Application	Nextcloud Nextcloud Mail 1.13.0 Nextcloud Mail 1.10.4 Nextcloud Mail 1.11.8 Nextcloud Mail 1.12.1	4

Common Weakness Enumeration (CWE)

CWE-918 - Server-Side Request Forgery (SSRF)

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-24pm-rjfv-23mh