What the vulnerability does
01Description
Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app.
CVSS base score
—
Key dates
02Disclosure timeline
February 4, 2020
CVE published
August 4, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-21440
CVE-2016-7071
CVE-2025-14546
CVE-2024-1043 AMP for WP <= 1.0.93.1 - Authenticated(Contributor+) Arbitrary Post Deletion via amppb_remove_saved_layout_data
CVE-2026-4818 Some management operations on data streams are not properly restricted when user does not have the necessary privileges
