EPSS
Percentile
42.1%
nextcloud-client is vulnerable to Cross-Site Request Forgery (CSRF). A malicious attacker could make a user send a POST request with an arbitrary body if they click a malicious deep link on a windows based machine exploiting it to the vulnerability.
github.com/nextcloud/desktop/pull/5106
github.com/nextcloud/security-advisories/security/advisories/GHSA-4gfv-xqpx-42qj
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.18/community.yaml