Medium severity6.4NVD Advisory· Published Apr 5, 2017· Updated Jun 17, 2026
CVE-2017-0883
CVE-2017-0883
Description
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an attacker to edit files in a share despite having only a 'read' permission set. Note that this only affects folders and files that the adversary has at least read-only permissions for.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<9.0.55, <10.0.2+ 1 more
- (no CPE)range: <9.0.55, <10.0.2
- (no CPE)range: All versions before 9.0.55 and 10.0.2
Patches
Vulnerability mechanics
References
2- nextcloud.com/security/advisory/nvdPatchVendor Advisory
- hackerone.com/reports/169680nvdThird Party Advisory
News mentions
0No linked articles in our index yet.