CVE-2024-52509 - Nextcloud Mail Untrusted File Attachment Creates Privilege Escalation
CVE ID : CVE-2024-52509 Published : Nov. 15, 2024, 6:15 p.m. | 44 minutes ago Description : Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2. Severity: 3.5 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Nov. 15, 2024, 6:15 p.m. | 44 minutes ago
Description : Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...