Nextcloud Mail vulnerabilities

CVE-2025-66514 [MEDIUM] CWE-79 CVE-2025-66514: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Prior to 5.5.3, a Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Prior to 5.5.3, a stored HTML injection in the Mail app's message list allowed an authenticated user to inject HTML into the email subjects. Javascript was correctly blocked by the content security policy of the Nextcloud Server code.

CVE-2024-52508 [HIGH] CWE-200 CVE-2024-52508: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is tr Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like [email protected] that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended

CVE-2024-52509 [MEDIUM] CWE-284 CVE-2024-52509: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mai Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgrade

CVE-2023-48307 [CRITICAL] CWE-918 CVE-2023-48307: Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in versi Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprotected endpoint in the Mail app to perform a SSRF attack. Nextcloud Mail app versions 2.2.8 and 3.3.0 contain a patch for this issue. As a workaround, disable the mail app.

CVE-2023-45660 [MEDIUM] CWE-918 CVE-2023-45660: Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missin Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerabilit

CVE-2023-33184 [MEDIUM] CWE-918 CVE-2023-33184: Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to servi Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3.

CVE-2023-25160 [MEDIUM] CWE-639 CVE-2023-25160: Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14 Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail

CVE-2023-23944 [MEDIUM] CWE-312 CVE-2023-23944: Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 us Nextcloud mail is an email app for the nextcloud home server platform. In versions prior to 2.2.2 user's passwords were stored in cleartext in the database during the duration of OAuth2 setup procedure. Any attacker or malicious user with access to the database would have access to these user passwords until the OAuth setup has been completed. It is

CVE-2023-23943 [MEDIUM] CWE-918 CVE-2023-23943: Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP Nextcloud mail is an email app for the nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Maill app is upgraded to 1.15.0 or 2.2.2. The only known workaround fo

CVE-2022-31132 [CRITICAL] CWE-918 CVE-2022-31132: Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions s Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path `./vendor/cerdic/css-tidy/css_optimiser.php`. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery (SSRF). It is recommendet to upgrade to Mail 1.12.7 or Mail 1.13.6. Users

CVE-2022-31119 [MEDIUM] CWE-532 CVE-2022-31119: Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions o Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions of Nextcloud mail would log user passwords to disk in the event of a misconfiguration. Should an attacker gain access to the logs complete access to affected accounts would be obtainable. It is recommended that the Nextcloud Mail is upgraded to 1.12.1.

CVE-2021-39220 [LOW] CWE-20 CVE-2021-39220: Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read state or user IP. The privacy filter failed to filter images with a relative protocol. It is recommended that the Nextcloud Mail application is upgraded to 1.10.

CVE-2021-32707 [MEDIUM] CWE-20 CVE-2021-32707: Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail applicati Nextcloud Mail is a mail app for Nextcloud. In versions prior to 1.9.6, the Nextcloud Mail application does not, by default, render images in emails to not leak the read state. The privacy filter failed to filter images with a `background-image` CSS attribute. Note that the images were still passed through the Nextcloud image proxy, and thus there wa

CVE-2021-32652 [MEDIUM] CWE-284 CVE-2021-32652: Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mai Nextcloud Mail is a mail app for the Nextcloud platform. A missing permission check in Nextcloud Mail before 1.4.3 and 1.8.2 allows another authenticated users to access mail metadata of other users. Versions 1.4.3 and 1.8.2 contain patches for this vulnerability; no workarounds other than the patches are known to exist.

CVE-2020-8156 [HIGH] CWE-295 CVE-2020-8156: A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.

CVE-2012-2140 [HIGH] CWE-20 Mail Gem Improper Input Validation vulnerability Mail Gem Improper Input Validation vulnerability The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.

CVE-2012-2139 [MEDIUM] CWE-22 Mail Gem Path Traversal vulnerability Mail Gem Path Traversal vulnerability Directory traversal vulnerability in `lib/mail/network/delivery_methods/file_delivery.rb` in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a `..` (dot dot) in the to parameter.

CVE-2011-0739 [MEDIUM] CWE-20 Mail Improper Input Validation vulnerability Mail Improper Input Validation vulnerability The deliver function in the sendmail delivery agent (`lib/mail/network/delivery_methods/sendmail.rb`) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail address.

CVE-2015-9097 [MEDIUM] CWE-93 Mail Gem CRLF Injection vulnerability Mail Gem CRLF Injection vulnerability The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring.