CVE-2021-22879 log

Source
Severity Medium
Remote Yes
Type Arbitrary code execution
Description
Missing validation of URLs in Nextcloud Desktop Client 3.1.2 and earlier allowed a malicious server to execute code on the client. User interaction was required.
Group Package Affected Fixed Severity Status Ticket
AVG-1810 nextcloud-client 3.1.2-1 3.1.3-1 Medium Fixed
References
https://nextcloud.com/security/advisory/?id=nC-SA-2021-008
https://hackerone.com/reports/1078002