Vulnerabilities > Nextcloud > Deck > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-14 | CVE-2024-37883 | Unspecified vulnerability in Nextcloud Deck Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 4.3 |
2024-01-18 | CVE-2024-22213 | Cross-site Scripting vulnerability in Nextcloud Deck Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 5.4 |
2023-01-14 | CVE-2023-22470 | Improper Input Validation vulnerability in Nextcloud Deck Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 6.5 |
2023-01-14 | CVE-2023-22471 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 4.3 |
2022-05-20 | CVE-2022-24906 | Information Exposure Through an Error Message vulnerability in Nextcloud Deck Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. | 4.3 |
2022-05-20 | CVE-2022-29159 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. | 4.3 |
2021-09-07 | CVE-2021-37631 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 6.5 |
2021-06-11 | CVE-2021-22913 | Information Exposure vulnerability in Nextcloud Deck Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user. | 6.5 |
2021-02-23 | CVE-2020-8297 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user. | 4.3 |
2020-10-05 | CVE-2020-8235 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Deck 1.0.4 Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments. | 4.3 |