CVE-2026-21721(grafana / cvss 8.1)
·
0-day
This report was written not long after I started writing reports, so looking at it now there is a lot I would fix, but fortunately Grafana accepted it straight away without asking for more information.

1. Summary

The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege ..
CVE-2025-66514(Nextcloud Mail / cvss 5.4)
·
0-day
Summary

A stored HTML injection exists in Nextcloud Mail’s message list (“Envelope”). The message subject is rendered with v-html without proper escaping in the non-draft path. As a result, an attacker can inject HTML such as into the subject. Inline-script XSS attempts (e.g., ) are attempted but do not execute under the default CSP that blocks inline handlers; however, if CSP is bypassed, the s..
CVE-2025-66558(nextcloud twofactor_webauthn / cvss 3.1)
·
0-day
A critical authentication bypass vulnerability exists in the Nextcloud TwoFactor WebAuthn app that allows attackers to overwrite other users' WebAuthn credentials. The PublicKeyCredentialEntityMapper::insertOrUpdate() method searches for existing credentials using only the public_key_credential_id without validating the user_handle, enabling cross-user credential hijacking.

Steps To Reproduce: Set..