CVE-2025-66550 | THREATINT

Description

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a crafted attachment that links to a download link of a file on the same Nextcloud server, the file would be downloaded without the user confirming the action. This vulnerability is fixed in 4.7.17 and 5.2.4.

PUBLISHED Reserved 2025-12-04 | Published 2025-12-05 | Updated 2025-12-05 | Assigner GitHub_M

MEDIUM: 5.7CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Problem types

CWE-241: Improper Handling of Unexpected Data Type

Product status

>= 5.0.0-rc.1, < 5.2.4

affected

< 4.7.17

affected

References

github.com/...sories/security/advisories/GHSA-f29c-ppmv-8mcv

github.com/nextcloud/calendar/pull/6971

github.com/...ommit/63a6c398db01391eb9fd5297a0d4c3d6e614f769

hackerone.com/reports/3112033

cve.org (CVE-2025-66550)

nvd.nist.gov (CVE-2025-66550)