Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-10028 Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: hackerone

Published:

Updated: 2024-08-03T18:58:25.923Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-22896

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-06-11T16:15:10.887

Modified: 2024-11-21T05:50:51.803

Link: CVE-2021-22896

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.