Description

Nextcloud Tables allows users to to create tables with individual columns. By directly specifying the ID of a table or view, a malicious user could blindly insert new rows into tables they have no access to. It is recommended that the Nextcloud Tables is upgraded to 0.8.0.

INFO

Published Date :

2024-11-15T17:22:41.184Z

Last Modified :

2024-11-15T18:22:09.686Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-52511 vulnerability.

Vendors Products
Nextcloud
  • Tables
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52511.

URL Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4qqp-9h2g-7qg7 cve-icon cve-icon
https://github.com/nextcloud/tables/commit/52846ad81fe192ee977f14c82a229b0d9cdc406c cve-icon cve-icon
https://github.com/nextcloud/tables/pull/1351 cve-icon cve-icon
https://hackerone.com/reports/2671404 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact