Access Control Bypass in Nextcloud Server versions prior to 14.0.0, 13.0.6, and 12.0.11
CVE-2018-16466 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:N
Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
Learn more about our Cis Benchmark Audit For Server Software.