Nextcloud: Add to your nextcloud endpoint is not properly protected

This is related to https://hackerone.com/reports/1173684

The endpoint you hit does have bruteforce protection
https://github.com/nextcloud/server/blob/master/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php#L126

But this is only triggered by finding a share that is password protected
https://github.com/nextcloud/server/blob/master/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php#L157

Or a file drop public share
https://github.com/nextcloud/server/blob/master/apps/federatedfilesharing/lib/Controller/MountPublicLinkController.php#L166

In other words this endpoint can also be used to try to brute force share tokens.

Impact

Low just like on the other report. But should be fixed non the less.