Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-31132

Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/css_optimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users unable to upgrade may manually delete the file located at ./vendor/cerdic/css-tidy/css_optimiser.php

CVE
#vulnerability#php#ssrf#auth

Impact

This vulnerability can be exploited by an unauthenticated attacker and opens the possibility of not only attacking other local services, but also the router of the home network. The ability to receive and write CSS files can be used by the attacker to find out what other services are running on devices in the network or what kind of router is used etc. before running additional attacks.

Patches

It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6

Workarounds

Users can manually delete the file located at ./vendor/cerdic/css-tidy/css_optimiser.php

References

  • Pull request
  • HackerOne

For more information

If you have any questions or comments about this advisory:

  • Create a post in nextcloud/security-advisories
  • Customers: Open a support ticket at support.nextcloud.com

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907