CVE-2024-37887 | Nextcloud Server up to 27.1.9/28.0.5/29.0.0 Calendar Event access control (GHSA-h4xv-cjpm-j595)

Posted by Angelo Barbosa | Jun 14, 2024 | CVE

A vulnerability has been found in Nextcloud Server up to 27.1.9/28.0.5/29.0.0 and classified as critical. This vulnerability affects unknown code of the component Calendar Event Handler. The manipulation leads to improper access controls.

This vulnerability was named CVE-2024-37887. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37887 | Nextcloud Server up to 27.1.9/28.0.5/29.0.0 Calendar Event access control (GHSA-h4xv-cjpm-j595)

Related Posts

CVE-2024-43883 | Linux Kernel up to 6.10.4 vhci-hcd resource consumption (ZDI-CAN-22273)

CVE-2024-41518 | Feripro up to 2.2.3 XLSX File statistics access control

CVE-2023-52607 | Linux Kernel up to 6.7.3 powerpc kasprintf null pointer dereference

CVE-2024-6737 | 2100 Technology Electronic Official Document Management System up to 5.0.76 Setting access control