SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HNextcloud
APPNextcloud1.0.01.0.11.1.01.2.01.3.01.3.11.4.01.4.11.4.21.4.32.0.02.0.13.0.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
Related vulnerabilities
CVE-2021-43863HIGH7.5ten sam produkt
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcl...
CVE-2023-49790MEDIUM4.3ten sam produkt
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platfor...
CVE-2023-28999MEDIUM6.9ten sam produkt
Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud An...
CVE-2023-28646MEDIUM4.4ten sam produkt
Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from...
CVE-2023-28647MEDIUM4.4ten sam produkt
Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions pri...