What the vulnerability does

01Description

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

Key dates

02Disclosure timeline

June 11, 2021 CVE published
August 3, 2024 Record updated