Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L
Lifecycle Timeline
4DescriptionGitHub Advisory
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3.
Analysis
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3.
Technical ContextAI
This vulnerability is classified as Authorization Bypass Through User-Controlled Key (CWE-639).
RemediationAI
A vendor patch is available. Apply it as soon as possible and verify the fix.
Nextcloud Tables allows users to to create tables with individual columns. Rated medium severity (CVSS 6.5), this vulner
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated u
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.9, 0.9.6, and 1.0.1, the inf
Nextcloud Tables allows users to to create tables with individual columns. Rated medium severity (CVSS 4.3), this vulner
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-201440