CVE-2021-32680 log

Source
Severity Low
Remote Yes
Type Incorrect calculation
Description
In Nextcloud Server versions prior to 21.0.3, Nextcloud Server audit logging functionality wasn't properly logging events for the unsetting of a share expiration date. This event is supposed to be logged.
Group Package Affected Fixed Severity Status Ticket
AVG-2144 nextcloud 21.0.2-1 21.0.3-1 High Fixed
Date Advisory Group Package Severity Type
14 Jul 2021 ASA-202107-22 AVG-2144 nextcloud High multiple issues
References
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-fxpq-wq7c-vppf
https://hackerone.com/reports/1200810
https://github.com/nextcloud/server/pull/27024
https://github.com/nextcloud/server/commit/6300a1b84605b4674c2cee3860eaae17bdfeace7