Search criteria
7 vulnerabilities found for Approval by Nextcloud
CVE-2026-45277 (GCVE-0-2026-45277)
Vulnerability from nvd – Published: 2026-06-01 16:51 – Updated: 2026-06-01 21:43
VLAI
Title
Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations
Summary
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/356 | x_refsource_MISC |
| https://hackerone.com/reports/3475210 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
< 2.7.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T21:43:07.958628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T21:43:17.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:51:34.087Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcw"
},
{
"name": "https://github.com/nextcloud/approval/pull/356",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/356"
},
{
"name": "https://hackerone.com/reports/3475210",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3475210"
}
],
"source": {
"advisory": "GHSA-h7gm-vgxr-9hcw",
"discovery": "UNKNOWN"
},
"title": "Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45277",
"datePublished": "2026-06-01T16:51:34.087Z",
"dateReserved": "2026-05-11T18:41:13.157Z",
"dateUpdated": "2026-06-01T21:43:17.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-45275 (GCVE-0-2026-45275)
Vulnerability from nvd – Published: 2026-06-01 16:51 – Updated: 2026-06-01 19:31
VLAI
Title
Nextcloud: Authorization bypass in approval feature allows unauthorized file sharing with approvers
Summary
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/392 | x_refsource_MISC |
| https://hackerone.com/reports/3593780 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
< 2.7.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T19:31:41.793146Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T19:31:53.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:51:22.429Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v8q8-w6c3-3gv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v8q8-w6c3-3gv9"
},
{
"name": "https://github.com/nextcloud/approval/pull/392",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/392"
},
{
"name": "https://hackerone.com/reports/3593780",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3593780"
}
],
"source": {
"advisory": "GHSA-v8q8-w6c3-3gv9",
"discovery": "UNKNOWN"
},
"title": "Nextcloud: Authorization bypass in approval feature allows unauthorized file sharing with approvers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45275",
"datePublished": "2026-06-01T16:51:22.429Z",
"dateReserved": "2026-05-11T18:41:13.157Z",
"dateUpdated": "2026-06-01T19:31:53.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66515 (GCVE-0-2025-66515)
Vulnerability from nvd – Published: 2025-12-05 17:37 – Updated: 2025-12-05 18:10
VLAI
Title
Nextcloud Approval app allows users to request approval for other users file
Summary
The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file into the “pending approval” without access to the file by using the numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/334 | x_refsource_MISC |
| https://github.com/nextcloud/approval/commit/e30b… | x_refsource_MISC |
| https://hackerone.com/reports/3338748 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
>= 2.0.0, < 2.5.0
Affected: < 1.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T18:03:48.806874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T18:10:00.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.5.0"
},
{
"status": "affected",
"version": "\u003c 1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user\u2019s file into the \u201cpending approval\u201d without access to the file by using the numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T17:37:06.767Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5"
},
{
"name": "https://github.com/nextcloud/approval/pull/334",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/334"
},
{
"name": "https://github.com/nextcloud/approval/commit/e30b56b7832255311ac800b7875f44866e88fff4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/commit/e30b56b7832255311ac800b7875f44866e88fff4"
},
{
"name": "https://hackerone.com/reports/3338748",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3338748"
}
],
"source": {
"advisory": "GHSA-q26g-fmjq-x5g5",
"discovery": "UNKNOWN"
},
"title": "Nextcloud Approval app allows users to request approval for other users file"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66515",
"datePublished": "2025-12-05T17:37:06.767Z",
"dateReserved": "2025-12-03T15:28:02.992Z",
"dateUpdated": "2025-12-05T18:10:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-45277 (GCVE-0-2026-45277)
Vulnerability from cvelistv5 – Published: 2026-06-01 16:51 – Updated: 2026-06-01 21:43
VLAI
Title
Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations
Summary
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/356 | x_refsource_MISC |
| https://hackerone.com/reports/3475210 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
< 2.7.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T21:43:07.958628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T21:43:17.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can request approval. This issue has been patched in version 2.7.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:51:34.087Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7gm-vgxr-9hcw"
},
{
"name": "https://github.com/nextcloud/approval/pull/356",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/356"
},
{
"name": "https://hackerone.com/reports/3475210",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3475210"
}
],
"source": {
"advisory": "GHSA-h7gm-vgxr-9hcw",
"discovery": "UNKNOWN"
},
"title": "Nextcloud: Information disclosure in Nextcloud Approval app via fileId parameter reveals workflow associations"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45277",
"datePublished": "2026-06-01T16:51:34.087Z",
"dateReserved": "2026-05-11T18:41:13.157Z",
"dateUpdated": "2026-06-01T21:43:17.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-45275 (GCVE-0-2026-45275)
Vulnerability from cvelistv5 – Published: 2026-06-01 16:51 – Updated: 2026-06-01 19:31
VLAI
Title
Nextcloud: Authorization bypass in approval feature allows unauthorized file sharing with approvers
Summary
Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/392 | x_refsource_MISC |
| https://hackerone.com/reports/3593780 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
< 2.7.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-45275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-01T19:31:41.793146Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T19:31:53.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003c 2.7.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, a privilege escalation vulnerability exists in the Approval app that allows a user without sharing permissions to force the system to share a file with approvers. This results in an authorization bypass and privilege escalation, allowing unauthorized distribution of restricted files. This issue has been patched in version 2.7.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:51:22.429Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v8q8-w6c3-3gv9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v8q8-w6c3-3gv9"
},
{
"name": "https://github.com/nextcloud/approval/pull/392",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/392"
},
{
"name": "https://hackerone.com/reports/3593780",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3593780"
}
],
"source": {
"advisory": "GHSA-v8q8-w6c3-3gv9",
"discovery": "UNKNOWN"
},
"title": "Nextcloud: Authorization bypass in approval feature allows unauthorized file sharing with approvers"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-45275",
"datePublished": "2026-06-01T16:51:22.429Z",
"dateReserved": "2026-05-11T18:41:13.157Z",
"dateUpdated": "2026-06-01T19:31:53.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66515 (GCVE-0-2025-66515)
Vulnerability from cvelistv5 – Published: 2025-12-05 17:37 – Updated: 2025-12-05 18:10
VLAI
Title
Nextcloud Approval app allows users to request approval for other users file
Summary
The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file into the “pending approval” without access to the file by using the numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/nextcloud/security-advisories/… | x_refsource_CONFIRM |
| https://github.com/nextcloud/approval/pull/334 | x_refsource_MISC |
| https://github.com/nextcloud/approval/commit/e30b… | x_refsource_MISC |
| https://hackerone.com/reports/3338748 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| nextcloud | security-advisories |
Affected:
>= 2.0.0, < 2.5.0
Affected: < 1.3.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T18:03:48.806874Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T18:10:00.615Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "security-advisories",
"vendor": "nextcloud",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 2.5.0"
},
{
"status": "affected",
"version": "\u003c 1.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user\u2019s file into the \u201cpending approval\u201d without access to the file by using the numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T17:37:06.767Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5"
},
{
"name": "https://github.com/nextcloud/approval/pull/334",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/pull/334"
},
{
"name": "https://github.com/nextcloud/approval/commit/e30b56b7832255311ac800b7875f44866e88fff4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/approval/commit/e30b56b7832255311ac800b7875f44866e88fff4"
},
{
"name": "https://hackerone.com/reports/3338748",
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/3338748"
}
],
"source": {
"advisory": "GHSA-q26g-fmjq-x5g5",
"discovery": "UNKNOWN"
},
"title": "Nextcloud Approval app allows users to request approval for other users file"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-66515",
"datePublished": "2025-12-05T17:37:06.767Z",
"dateReserved": "2025-12-03T15:28:02.992Z",
"dateUpdated": "2025-12-05T18:10:00.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CERTFR-2025-AVI-1066
Vulnerability from certfr_avis - Published: 2025-12-05 - Updated: 2025-12-05
De multiples vulnérabilités ont été découvertes dans les produits Nextcloud. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Nextcloud | Server | Server versions 28.0.x antérieures à 28.0.14.11 | ||
| Nextcloud | Groupfolders | Groupfolders versions 15.3.x antérieures à 15.3.12 | ||
| Nextcloud | Server | Server versions 30.0.x antérieures à 30.0.17.3 | ||
| Nextcloud | Server | Server versions 31.0.x antérieures à 31.0.12 | ||
| Nextcloud | Calendar | Calendar versions 5.x antérieures à 5.5.6 | ||
| Nextcloud | Deck | Deck versions 1.14.x antérieures à 1.14.4 | ||
| Nextcloud | Groupfolders | Groupfolders versions 19.1.x antérieures à 19.1.8 | ||
| Nextcloud | Server | Server versions 29.0.x antérieures à 29.0.16.8 | ||
| Nextcloud | Groupfolders | Groupfolders versions 16.0.x antérieures à 16.0.15 | ||
| Nextcloud | Calendar | Calendar versions 4.x antérieures à 4.7.19 | ||
| Nextcloud | Approval | Approval versions 2.x antérieures à 2.5.0 | ||
| Nextcloud | Groupfolders | Groupfolders versions 18.1.x antérieures à 18.1.8 | ||
| Nextcloud | Deck | Deck versions 1.15.x antérieures à 1.15.1 | ||
| Nextcloud | Tables | Tables versions antérieures à 1.0.1 | ||
| Nextcloud | Server | Server versions 32.0.x antérieures à 32.0.3 | ||
| Nextcloud | Approval | Approval versions 1.x antérieures à 1.3.1 | ||
| Nextcloud | Calendar | Calendar versions 6.0.x antérieures à 6.0.3 | ||
| Nextcloud | Deck | Deck versions 1.12.x antérieures à 1.12.7 | ||
| Nextcloud | Groupfolders | Groupfolders versions 17.0.x antérieures à 17.0.14 | ||
| Nextcloud | Mail versions antérieures à 5.5.3 | |||
| Nextcloud | Groupfolders | Groupfolders versions 14.0.x antérieures à 14.0.11 | ||
| Nextcloud | Groupfolders | Groupfolders versions 20.1.x antérieures à 20.1.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Server versions 28.0.x ant\u00e9rieures \u00e0 28.0.14.11",
"product": {
"name": "Server",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 15.3.x ant\u00e9rieures \u00e0 15.3.12",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Server versions 30.0.x ant\u00e9rieures \u00e0 30.0.17.3",
"product": {
"name": "Server",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Server versions 31.0.x ant\u00e9rieures \u00e0 31.0.12",
"product": {
"name": "Server",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Calendar versions 5.x ant\u00e9rieures \u00e0 5.5.6",
"product": {
"name": "Calendar",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Deck versions 1.14.x ant\u00e9rieures \u00e0 1.14.4",
"product": {
"name": "Deck",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 19.1.x ant\u00e9rieures \u00e0 19.1.8",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Server versions 29.0.x ant\u00e9rieures \u00e0 29.0.16.8",
"product": {
"name": "Server",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 16.0.x ant\u00e9rieures \u00e0 16.0.15",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Calendar versions 4.x ant\u00e9rieures \u00e0 4.7.19",
"product": {
"name": "Calendar",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Approval versions 2.x ant\u00e9rieures \u00e0 2.5.0",
"product": {
"name": "Approval",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 18.1.x ant\u00e9rieures \u00e0 18.1.8",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Deck versions 1.15.x ant\u00e9rieures \u00e0 1.15.1",
"product": {
"name": "Deck",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Tables versions ant\u00e9rieures \u00e0 1.0.1",
"product": {
"name": "Tables",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Server versions 32.0.x ant\u00e9rieures \u00e0 32.0.3",
"product": {
"name": "Server",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Approval versions 1.x ant\u00e9rieures \u00e0 1.3.1",
"product": {
"name": "Approval",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Calendar versions 6.0.x ant\u00e9rieures \u00e0 6.0.3",
"product": {
"name": "Calendar",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Deck versions 1.12.x ant\u00e9rieures \u00e0 1.12.7",
"product": {
"name": "Deck",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 17.0.x ant\u00e9rieures \u00e0 17.0.14",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Mail versions ant\u00e9rieures \u00e0 5.5.3",
"product": {
"name": "Mail",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 14.0.x ant\u00e9rieures \u00e0 14.0.11",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
},
{
"description": "Groupfolders versions 20.1.x ant\u00e9rieures \u00e0 20.1.2",
"product": {
"name": "Groupfolders",
"vendor": {
"name": "Nextcloud",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-66511",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66511"
},
{
"name": "CVE-2025-66513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66513"
},
{
"name": "CVE-2025-66515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66515"
},
{
"name": "CVE-2025-66546",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66546"
},
{
"name": "CVE-2025-66512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66512"
},
{
"name": "CVE-2025-66514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66514"
},
{
"name": "CVE-2025-66545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66545"
},
{
"name": "CVE-2025-66510",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66510"
},
{
"name": "CVE-2025-66547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66547"
},
{
"name": "CVE-2025-66548",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66548"
}
],
"initial_release_date": "2025-12-05T00:00:00",
"last_revision_date": "2025-12-05T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1066",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-05T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Nextcloud. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Nextcloud",
"vendor_advisories": [
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-q26g-fmjq-x5g5",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-495w-cqv6-wr59",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-495w-cqv6-wr59"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-hq6c-r898-fgf2",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hq6c-r898-fgf2"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-2vrq-fhmf-c49m",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2vrq-fhmf-c49m"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-2cwj-qp49-4xfw",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2cwj-qp49-4xfw"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-qcw2-p26m-9gc5",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qcw2-p26m-9gc5"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-7x2j-2674-fj95",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7x2j-2674-fj95"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-v394-8gpc-6fv5",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v394-8gpc-6fv5"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-whm3-vv55-gf27",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-whm3-vv55-gf27"
},
{
"published_at": "2025-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 Nextcloud GHSA-xjvq-xvr7-xpg6",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-xjvq-xvr7-xpg6"
}
]
}