Description

user_oidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0.

INFO

Published Date :

2024-11-15T17:18:50.519Z

Last Modified :

2024-11-15T18:24:27.739Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-52512 vulnerability.

Vendors Products
Nextcloud
  • User Oidc
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52512.

URL Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-784j-x2g5-4g7q cve-icon cve-icon
https://github.com/nextcloud/user_oidc/commit/c923428d51972f6d04636c6accbecdec0c1b88e9 cve-icon cve-icon
https://github.com/nextcloud/user_oidc/pull/961 cve-icon cve-icon
https://hackerone.com/reports/2720030 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact