CVE-2026-45278

Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses the attackers link to log in via user OIDC. This issue has been patched in version 8.2.2.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73	Vendor Advisory
https://github.com/nextcloud/user_oidc/pull/1273	Issue Tracking Patch
https://hackerone.com/reports/3464925	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*

History

03 Jun 2026, 17:34

Type	Values Removed	Values Added
CPE		cpe:2.3:a:nextcloud:user_oidc::::::::
First Time		Nextcloud user Oidc Nextcloud
References	~~() https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73 -~~	() https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73 - Vendor Advisory
References	~~() https://github.com/nextcloud/user_oidc/pull/1273 -~~	() https://github.com/nextcloud/user_oidc/pull/1273 - Issue Tracking, Patch
References	~~() https://hackerone.com/reports/3464925 -~~	() https://hackerone.com/reports/3464925 - Permissions Required

01 Jun 2026, 19:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-01 19:16

Updated : 2026-06-03 17:34

NVD link : CVE-2026-45278

Mitre link : CVE-2026-45278

CVE.ORG link : CVE-2026-45278

JSON object : View

Products Affected

nextcloud

user_oidc

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2026-45278", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2026-06-01T19:16:49.823", "references": [{"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-8wjr-5cg8-4w73", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/nextcloud/user_oidc/pull/1273", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://hackerone.com/reports/3464925", "tags": ["Permissions Required"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Nextcloud is an open source content collaboration platform. From version 6.1.0 to before version 8.2.2, an attacker can craft links that would redirect users to another website, when the victim uses the attackers link to log in via user OIDC. This issue has been patched in version 8.2.2."}], "lastModified": "2026-06-03T17:34:59.147", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:nextcloud:user_oidc:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "884F824B-026C-4161-B81E-C78325C328B8", "versionEndExcluding": "8.2.2", "versionStartIncluding": "6.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}