0.001 Low
EPSS
Percentile
44.2%
Improper protection of the 2FA login made a bypass of the 2FA possible. The bug required to know user credentials but effectively rendered the 2FA ineffective.
The issue has been fixed by the Nextcloud team and has been validated by the reporter.