Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
{
"severity": "Medium",
"cpes": [
"cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:iphone_os:*:*"
]
}