CVE-2024-52507

3.5 LOW
Published: November 15, 2024 Modified: October 01, 2025
View on NVD

Description

Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-rgvc-xr2w-qq45
Source: security-advisories@github.com
Vendor Advisory
https://github.com/nextcloud/tables/commit/13ca45f1b9f70f694aea81b78bc7416ec840c332
Source: security-advisories@github.com
Patch
https://github.com/nextcloud/tables/pull/1406
Source: security-advisories@github.com
Issue Tracking
https://hackerone.com/reports/2705507
Source: security-advisories@github.com
Issue Tracking

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
3.5 / 10.0
EPSS (Exploit Probability)
0.2%
39th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-639

Affected Vendors

nextcloud

Related CVEs

CVE-2025-52691 10.0
CVE-2025-15168 7.3
CVE-2025-15167 7.3
CVE-2025-15166 7.3
CVE-2025-15165 7.3