CVE-2024-37316

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-37316
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-37316.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-37316
Related
  • GHSA-2r7q-vfmv-79qf
Published
2024-06-14T16:15:11Z
Modified
2024-11-21T09:23:35Z
Severity
  • 4.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Nextcloud Calendar is a calendar app for Nextcloud. Authenticated users could create an event with manipulated attachment data leading to a bad redirect for participants when clicked. It is recommended that the Nextcloud Calendar App is upgraded to 4.6.8 or 4.7.2.

References

Affected packages

Git / github.com/nextcloud/calendar

Affected ranges

Type
GIT
Repo
https://github.com/nextcloud/calendar
Events
Introduced
8a1068366035c7974ecebfbb064b7d01c0c8ffaf
Fixed
d3ba42c9478e42724859bc70b5e033adfd732b33