VYPR
Unrated severityNVD Advisory· Published Aug 10, 2023· Updated Oct 4, 2024

Notes attachment render HTML in preview mode

CVE-2023-39955

Description

Notes is a note-taking app for Nextcloud, an open-source cloud platform. Starting in version 4.4.0 and prior to version 4.8.0, when creating a note file with HTML, the content is rendered in the preview instead of the file being offered to download. Nextcloud Notes app version 4.8.0 contains a patch for the issue. No known workarounds are available.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: >=4.4.0 <4.8.0
  • nextcloud/security-advisoriesv5
    Range: >= 4.4.0, < 4.8.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.