CNNVD-202512-662 Information
CNNVD ID
CNNVD-202512-662
Related CVE
- CNNVD Published: 2025-12-05
Description (Chinese)
Nextcloud Calendar是Nextcloud开源的一个日历应用程序。 Nextcloud Calendar 4.7.19之前版本、5.5.6之前版本和6.0.1之前版本存在安全漏洞,该漏洞源于日历应用允许盲目预订会议,可能导致未授权访问。
Description (English)
Nextcloud Calendar is a calendar application from the Nextcloud open source. Nextcloud Calendar 4.7.19, 5.5.6 and 6.0.1 had a security loophole, which stemmed from the fact that calendar applications allowed blind booking of meetings, which could lead to unauthorized access.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Nextcloud
Published
2025-12-05
Last Modified
2026-02-24
References
https://github.com/nextcloud/calendar/commit/f41650c3681fc4a4130eb883f5c0899c011326b3 https://github.com/nextcloud/calendar/pull/7537 https://github.com/nextcloud/security-advisories/security/advisories/GHSA-7x2j-2674-fj95 https://hackerone.com/reports/3275810
Patch
https://apps.nextcloud.com/apps/calendar
Share on: