Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.