Vulnerabilities > Nextcloud > Nextcloud > 2.23.0

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-49790 Improper Authentication vulnerability in Nextcloud
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform.
low complexity
nextcloud CWE-287
4.3
2021-06-11 CVE-2021-22912 Information Exposure vulnerability in Nextcloud
Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
network
nextcloud CWE-200
4.3
2020-02-04 CVE-2019-15614 Cross-site Scripting vulnerability in Nextcloud
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.
network
nextcloud CWE-79
3.5
2020-02-04 CVE-2019-15611 Unspecified vulnerability in Nextcloud
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g.
network
low complexity
nextcloud
4.0
2017-04-05 CVE-2017-0888 Improper Input Validation vulnerability in Nextcloud
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app.
network
low complexity
nextcloud CWE-20
4.3
2017-03-28 CVE-2016-9460 Improper Access Control vulnerability in multiple products
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app.
network
low complexity
nextcloud owncloud CWE-284
5.0