Unrated severityNVD Advisory· Published May 17, 2022· Updated Apr 22, 2025
Exposure of Private Personal Information to an Unauthorized Actor in Nextcloud Talk
CVE-2022-24890
Description
Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There are currently no known workarounds.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nextcloud/security-advisoriesv5Range: < 13.0.5
Patches
Vulnerability mechanics
References
4- github.com/nextcloud/security-advisories/security/advisories/GHSA-vxpr-hcqq-7fw7mitrex_refsource_CONFIRM
- github.com/nextcloud/spreed/issues/7048mitrex_refsource_MISC
- github.com/nextcloud/spreed/pull/7034mitrex_refsource_MISC
- github.com/nextcloud/spreed/pull/7092mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.