CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS
Percentile
42.5%
User’s password was stored in cleartext in the database during the duration of OAuth2 setup procedure.
It is recommended that the Nextcloud Mail app is upgraded to 2.2.2
If you have any questions or comments about this advisory: