Vulnerability Description
user_oidc is an OpenID Connect user backend for Nextcloud. Versions prior to 1.2.1 did not properly validate discovery urls which may lead to a stored cross site scripting attack vector. The impact is limited due to the restrictive CSP that is applied on this endpoint. Additionally this vulnerability has only been shown to be exploitable in the Safari web browser. This issue has been addressed in version 1.2.1. Users are advised to upgrade. Users unable to upgrade should urge their users to avoid using the Safari web browser.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nextcloud | Openid Connect User Backend | < 1.2.1 |
Related Weaknesses (CWE)
References
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5fpw-7Third Party Advisory
- https://github.com/nextcloud/user_oidc/pull/496PatchThird Party Advisory
- https://hackerone.com/reports/1687410Permissions RequiredThird Party Advisory
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5fpw-7Third Party Advisory
- https://github.com/nextcloud/user_oidc/pull/496PatchThird Party Advisory
- https://hackerone.com/reports/1687410Permissions RequiredThird Party Advisory
FAQ
What is CVE-2022-39338?
CVE-2022-39338 is a vulnerability with a CVSS score of 3.5 (LOW). user_oidc is an OpenID Connect user backend for Nextcloud. Versions prior to 1.2.1 did not properly validate discovery urls which may lead to a stored cross site scripting attack vector. The impact is...
How severe is CVE-2022-39338?
CVE-2022-39338 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-39338?
Check the references section above for vendor advisories and patch information. Affected products include: Nextcloud Openid Connect User Backend.