CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
43.2%
An attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an attacker’s site.
It is recommended that the Nextcloud Server is upgraded to 26.0.2
It is recommended that the Nextcloud Enterprise Server is upgraded to 26.0.2
If you have any questions or comments about this advisory: