Security Advisory

CVE-2023-45660

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-16 18:32:00
Last updated 2024-09-13 19:36:36
Assigner GitHub_M
State PUBLISHED

Description

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability.