Unrated severityNVD Advisory· Published Feb 27, 2023· Updated Mar 10, 2025
Nextcloud Talk messages can still be seen on conversation after expiring when cron is misconfigured
CVE-2023-26041
Description
Nextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. It is recommended that the Nextcloud Talk is upgraded to 15.0.3. There are no workaround available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- nextcloud/security-advisoriesv5Range: < 15.0.3
Patches
Vulnerability mechanics
References
3- github.com/nextcloud/security-advisories/security/advisories/GHSA-j53p-r755-v4jfmitrex_refsource_CONFIRM
- github.com/nextcloud/spreed/pull/8515mitrex_refsource_MISC
- hackerone.com/reports/1784310mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.