CVE-2025-47790 | Nextcloud Server up to 29.0.14/30.0.8/31.0.2 config.php remember_login_cookie_lifetime improper authentication (GHSA-9h3w-f3h4-qqrh)

Inserito da Angelo Barbosa | Mag 16, 2025 | CVE

A vulnerability was found in Nextcloud Server up to 29.0.14/30.0.8/31.0.2. It has been classified as critical. This affects an unknown part of the file config.php. The manipulation of the argument remember_login_cookie_lifetime leads to improper authentication.

This vulnerability is uniquely identified as CVE-2025-47790. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-47790 | Nextcloud Server up to 29.0.14/30.0.8/31.0.2 config.php remember_login_cookie_lifetime improper authentication (GHSA-9h3w-f3h4-qqrh)

Post correlati

CVE-2024-39546 | Juniper Networks Junos OS Evolved prior 23.2R2-EVO Socket Intercept Command File Interface authorization (JSA83008)

CVE-2024-6397 | InstaWP Connect Plugin up to 0.1.0.44 on WordPress improper authentication

CVE-2024-51719 | Kevin Walker & Roman Peterhans Simplistic SEO Plugin up to 2.3.0 on WordPress cross site scripting

CVE-2024-13849 | dcurasi Cookie Notice Bar Plugin up to 1.3.0 on WordPress cross site scripting