{"uuid": "1276da88-0a31-4e22-ba8d-cbef322acdf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24906", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12922", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24906\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available.\n\ud83d\udccf Published: 2022-05-20T15:40:17.000Z\n\ud83d\udccf Modified: 2025-04-22T18:00:53.353Z\n\ud83d\udd17 References:\n1. https://github.com/nextcloud/security-advisories/security/advisories/GHSA-hx9w-xfrg-2qvp\n2. https://github.com/nextcloud/deck/pull/3384\n3. https://hackerone.com/reports/1354334", "creation_timestamp": "2025-04-22T18:03:36.000000Z"}