High severity8.1NVD Advisory· Published Jul 5, 2018· Updated Jun 17, 2026
CVE-2018-3761
CVE-2018-3761
Description
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<12.0.8, <13.0.3+ 1 more
- (no CPE)range: <12.0.8, <13.0.3
- (no CPE)range: <13.0.3, <12.0.8
Patches
Vulnerability mechanics
References
2- hackerone.com/reports/343111nvdThird Party Advisory
- nextcloud.com/security/advisory/nvdBroken LinkVendor Advisory
News mentions
0No linked articles in our index yet.