CVE-2021-22905

CVE-2021-22905

Vendor N/A
Product Nextcloud Android App (com.nextcloud.client)
Weakness CWE-200 · Info exposure
Published June 11, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by the user.

Key dates

02Disclosure timeline

June 11, 2021 CVE published
August 3, 2024 Record updated