A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of another user.
It is recommended that the Nextcloud Deck App is upgraded to 1.2.9, 1.4.5 or 1.5.3.
None.
If you have any questions or comments about this advisory:
Impact
A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of another user.
Patches
It is recommended that the Nextcloud Deck App is upgraded to 1.2.9, 1.4.5 or 1.5.3.
Workarounds
None.
References
For more information
If you have any questions or comments about this advisory: