Description

The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file to the “pending approval” state, without having access to the file, by using its numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0.

PUBLISHED Reserved 2025-12-03 | Published 2025-12-05 | Updated 2025-12-05 | Assigner GitHub_M




LOW: 2.7 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Problem types

CWE-287: Improper Authentication

Product status

>= 2.0.0, < 2.5.0: affected

< 1.3.1: affected

References

github.com/...sories/security/advisories/GHSA-q26g-fmjq-x5g5

github.com/nextcloud/approval/pull/334

github.com/...ommit/e30b56b7832255311ac800b7875f44866e88fff4

hackerone.com/reports/3338748

cve.org (CVE-2025-66515)

nvd.nist.gov (CVE-2025-66515)