Vulnerabilities
Vulnerable Software
Nextcloud:  >> Mail  >> 2.3.0  Security Vulnerabilities
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Prior to 5.5.3, a stored HTML injection in the Mail app's message list allowed an authenticated user to inject HTML into the email subjects. Javascript was correctly blocked by the content security policy of the Nextcloud Server code.
CVSS Score
3.5
EPSS Score
0.002
Published
2025-12-05
Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.
CVSS Score
3.5
EPSS Score
0.005
Published
2023-05-27


Contact Us

Shodan ® - All rights reserved