Vulnerability Details CVE-2024-37316
Nextcloud Calendar is a calendar app for Nextcloud. Authenticated users could create an event with manipulated attachment data leading to a bad redirect for participants when clicked. It is recommended that the Nextcloud Calendar App is upgraded to 4.6.8 or 4.7.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.3%
CVSS Severity
CVSS v3 Score 4.6
Products affected by CVE-2024-37316
-
cpe:2.3:a:nextcloud:calendar:4.3.0
-
cpe:2.3:a:nextcloud:calendar:4.3.1
-
cpe:2.3:a:nextcloud:calendar:4.3.2
-
cpe:2.3:a:nextcloud:calendar:4.4.0
-
cpe:2.3:a:nextcloud:calendar:4.4.1
-
cpe:2.3:a:nextcloud:calendar:4.4.2
-
cpe:2.3:a:nextcloud:calendar:4.4.3
-
cpe:2.3:a:nextcloud:calendar:4.4.4
-
cpe:2.3:a:nextcloud:calendar:4.5.0
-
cpe:2.3:a:nextcloud:calendar:4.5.3
-
cpe:2.3:a:nextcloud:calendar:4.6.0
-
cpe:2.3:a:nextcloud:calendar:4.6.1
-
cpe:2.3:a:nextcloud:calendar:4.6.2
-
cpe:2.3:a:nextcloud:calendar:4.6.3
-
cpe:2.3:a:nextcloud:calendar:4.6.4
-
cpe:2.3:a:nextcloud:calendar:4.6.5
-
cpe:2.3:a:nextcloud:calendar:4.6.6
-
cpe:2.3:a:nextcloud:calendar:4.6.7