📦 Calendar

This vulnerability in Nextcloud Calendar allows a malicious user to create calendar events with crafted attachments that automatically download files from the same Nextcloud server without user confir...

Nextcloud Calendar versions before 6.0.3 generate participant tokens for meeting proposals using a predictable hash function instead of cryptographically secure random generation. This allows attacker...

Authenticated users in Nextcloud Calendar can create events with manipulated attachment data that causes bad redirects for participants when clicked. This affects all Nextcloud instances running vulne...

This vulnerability in Nextcloud Calendar allows attackers to blindly book appointments using sequential IDs without needing the appointment token. It affects Nextcloud Calendar versions before 4.7.19,...