Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NNextcloud
APPNextcloud< 2.24.0
Related vulnerabilities
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmf...
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcl...
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platfor...
Nextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud An...
Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions pri...