CVE-2024-52507

medium

Description

Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1.

References

https://hackerone.com/reports/2705507

https://github.com/nextcloud/tables/pull/1406

https://github.com/nextcloud/tables/commit/13ca45f1b9f70f694aea81b78bc7416ec840c332

https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rgvc-xr2w-qq45

Details

Source: Mitre, NVD

Published: 2024-11-15

Updated: 2025-10-01

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00025