VYPR
Unrated severityNVD Advisory· Published Jul 12, 2021· Updated Aug 3, 2024

Bypass of image blocking in Nextcloud Mail

CVE-2021-32707

Description

Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a background-image CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there was no IP leakage. The issue was patched in version 1.9.6 and 1.10.0. No workarounds are known to exist.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nextcloud/Mailllm-fuzzy
    Range: <1.9.6
  • nextcloud/security-advisoriesv5
    Range: < 1.9.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.