Description

Nextcloud Groupfolders provides admin-configured folders shared by everyone in a group or team. Prior to 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2, a user with read-only permission can restore a file from the trash bin. This vulnerability is fixed in 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2.

INFO

Published Date :

2025-12-05T17:44:13.312Z

Last Modified :

2025-12-08T19:55:13.290Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-66545 vulnerability.

Vendors Products
Nextcloud
  • Group Folders
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-66545.

URL Resource
https://github.com/nextcloud/groupfolders/commit/bbe87ebed8da23e9df4db637a76fbc8d36439d58 cve-icon cve-icon
https://github.com/nextcloud/groupfolders/issues/4041 cve-icon cve-icon
https://github.com/nextcloud/groupfolders/pull/4076 cve-icon cve-icon
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2vrq-fhmf-c49m cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact