Information Leakage in Nextcloud Mail from Nextcloud
CVE-2024-52508
Currently unrated
What is CVE-2024-52508?
An information leak vulnerability in the Nextcloud Mail app can expose sensitive email configuration details to a potential attacker. If a user attempts to set up a mail account with a non-auto-configurable email address, an attacker controlling an address like autoconfig.tld has the ability to intercept these details. Users are advised to update to the latest versions of Nextcloud Mail to mitigate these risks.