CVE-2021-37631 log

Severity Medium
Remote Yes
Type Information disclosure
In Nextcloud Deck before version 1.5.1, the application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access to boards that have been shared with a Circle, even if the user was not a member of the circle.
Group Package Affected Fixed Severity Status Ticket
AVG-2358 nextcloud-app-deck 1:1.5.0-1 1:1.5.1-1 Medium Fixed