CVE-2021-41180

Description

Nextcloud talk is a self hosting messaging service. In versions prior 12.1.2 an attacker is able to control the link of a geolocation preview in the Nextcloud Talk application due to a lack of validation on the link. This could result in an open-redirect, but required user interaction. This only affected users of the Android Talk client. It is recommended that the Nextcloud Talk App is upgraded to 12.1.2. There are no known workarounds.

Related CPE's

a nextcloud talk *****android **

References

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-4fxr-mrw2-cq92

Issue TrackingThird Party Advisory

https://github.com/nextcloud/spreed/pull/6239

PatchThird Party Advisory

https://hackerone.com/reports/1337178

ExploitPatchThird Party Advisory

CvssV3 impact

BaseSeverity	MEDIUM
ConfidentialityImpact	LOW
AttackComplexity	LOW
Scope	CHANGED
AttackVector	NETWORK
AvailabilityImpact	NONE
IntegrityImpact	LOW
PrivilegesRequired	NONE
BaseScore	6.1
VectorString	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Version	3.1
UserInteraction	REQUIRED

CvssV2 impact

AccessComplexity	HIGH
ConfidentialityImpact	PARTIAL
AvailabilityImpact	NONE
IntegrityImpact	PARTIAL
BaseScore	4
VectorString	AV:N/AC:H/Au:N/C:P/I:P/A:N
Version	2.0
AccessVector	NETWORK
Authentication	NONE

Created by Yello

About Severity.io