CVE-2021-32654 log

Severity High
Remote Yes
Type Arbitrary filesystem access
A security issue has been found in Nextcloud Server before version 21.0.2. An attacker is able to receive write/read privileges on any Federated File Share. Since public links can be added as federated file share, this can also be exploited on any public link (e.g. to add malicious data into a folder, or get read access to a "Files Drop" link).
Group Package Affected Fixed Severity Status Ticket
AVG-2024 nextcloud 21.0.1-3 21.0.2-1 High Fixed