CVE-2024-37315 | Nextcloud Server up to 26.0.11/27.1.6/28.0.2 files_versions access control

Posted by Angelo Barbosa | Jun 14, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Nextcloud Server up to 26.0.11/27.1.6/28.0.2. This issue affects some unknown processing of the component files_versions. The manipulation leads to improper access controls.

The identification of this vulnerability is CVE-2024-37315. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37315 | Nextcloud Server up to 26.0.11/27.1.6/28.0.2 files_versions access control

Related Posts

CVE-2024-24112 | xmall 1.1 orderDir sql injection (Issue 78)

CVE-2024-24312 | Vaales V_QRS 2024-01-17 Models/UserModel.php sql injection

CVE-2023-49193 | Social Pug Plugin up to 1.20.3 on WordPress admin_init authorization

CVE-2023-50090 | ureport2 up to 2.2.9 HTTP POST Request saveReportFile Privilege Escalation