6.1
CVE-2026-45278
- EPSS 0.23%
- Veröffentlicht 01.06.2026 16:51:55
- Zuletzt bearbeitet 03.06.2026 17:34:59
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
Nextcloud: Open Redirect in user_oidc login flow via protocol-relative URL bypass
Open Redirect in user_oidc login flow via protocol-relative URL bypass
Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses the attackers link to log in via user OIDC. This issue has been patched in version 8.2.2.
Mögliche Gegenmaßnahme
user_oidc: * No other workaround available
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.138 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| security-advisories@github.com | 3.3 | 1.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73
https://github.com/nextcloud/user_oidc/pull/1273
https://hackerone.com/reports/3464925
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73