Nextcloud iOS Files app
by Nextcloud
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15614 | Med | 0.35 | 5.4 | 0.01 | Feb 4, 2020 | Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files. | ||
| CVE-2023-49790 | Med | 0.00 | 4.3 | 0.00 | Dec 22, 2023 | The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch.… | ||
| CVE-2023-28999 | Med | 0.00 | 6.9 | 0.01 | Apr 4, 2023 | Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can… |
- risk 0.35cvss 5.4epss 0.01
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.
- risk 0.00cvss 4.3epss 0.00
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch.…
- risk 0.00cvss 6.9epss 0.01
Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can…