VYPR
Medium severity4.3OSV Advisory· Published Jun 11, 2021· Updated Jun 17, 2026

CVE-2021-22896

CVE-2021-22896

Description

Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Nextcloud/MailOSV2 versions
    1.6.2, nighly-20170831, nightly-20161202, …+ 1 more
    • (no CPE)range: 1.6.2, nighly-20170831, nightly-20161202, …
    • (no CPE)range: <1.9.5
  • osv-coords
    Range: < 1.9.5

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.