What the vulnerability does

01Description

Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.

Key dates

02Disclosure timeline

October 30, 2018 CVE published
August 5, 2024 Record updated