Unrated severityNVD Advisory· Published Jun 1, 2021· Updated Aug 3, 2024
Missing permission check on email metadata retrieval
CVE-2021-32652
Description
Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the patches are known to exist.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nextcloud/security-advisoriesv5Range: < 1.4.3
Patches
Vulnerability mechanics
References
2- github.com/nextcloud/security-advisories/security/advisories/GHSA-mxx2-6rg9-v2vcmitrex_refsource_CONFIRM
- hackerone.com/reports/1094063mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.