Date published: 2017-05-08T16:29:00.367-04:00
Date last modified: 2017-05-18T12:22:36.800-04:00
CVSS Score: 3.5
Principal attack vector: NETWORK
Reference URL: https://hackerone.com/reports/203594
Summary: Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. Note that no actual content of the calendar and addressbook has been disclosed.