Circles
by Nextcloud
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-45285 | Med | 0.35 | 6.4 | — | Jun 1, 2026 | Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a… | ||
| CVE-2021-32782 | 0.00 | — | 0.00 | Sep 7, 2021 | Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this… | |||
| CVE-2021-37630 | 0.00 | — | 0.00 | Sep 7, 2021 | Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner leaking private information. It is recommended that… | |||
| CVE-2019-15610 | 0.00 | — | 0.01 | Feb 4, 2020 | Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle. |
- risk 0.35cvss 6.4epss —
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes an external member (a person added via email address who does not have a…
- CVE-2021-32782Sep 7, 2021risk 0.00cvss —epss 0.00
Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. Due the strict Content-Security-Policy shipped with Nextcloud, this…
- CVE-2021-37630Sep 7, 2021risk 0.00cvss —epss 0.00
Nextcloud Circles is an open source social network built for the nextcloud ecosystem. In affected versions the Nextcloud Circles application allowed any user to join any "Secret Circle" without approval by the Circle owner leaking private information. It is recommended that…
- CVE-2019-15610Feb 4, 2020risk 0.00cvss —epss 0.01
Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.