CVE-2023-39961

Summary

CVE-2023-39961 is a vulnerability affecting Nextcloud Server, used for data storage in Nextcloud, an open source cloud platform. From versions 24.0.4 to 26.0.1, users could share images without download permissions but still add them inline into text files and subsequently download them. Affected versions include 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1 for Nextcloud Server, and 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1 for Nextcloud Enterprise Server. Patches addressing this issue have been released for these versions, but no workarounds are currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.