{"id":"CVE-2025-66515","summary":"Nextcloud Approval app allows users to request approval for other users' files","details":"The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file to the “pending approval” state, without having access to the file, by using its numeric file id. This vulnerability is fixed in 1.3.1 and 2.5.0.","aliases":["GHSA-q26g-fmjq-x5g5"],"modified":"2026-04-10T05:35:22.648774Z","published":"2025-12-05T17:37:06.767Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/66xxx/CVE-2025-66515.json","cwe_ids":["CWE-287"],"cna_assigner":"GitHub_M"},"references":[{"type":"WEB","url":"https://hackerone.com/reports/3338748"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/66xxx/CVE-2025-66515.json"},{"type":"ADVISORY","url":"https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q26g-fmjq-x5g5"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-66515"},{"type":"FIX","url":"https://github.com/nextcloud/approval/commit/e30b56b7832255311ac800b7875f44866e88fff4"},{"type":"FIX","url":"https://github.com/nextcloud/approval/pull/334"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nextcloud/approval","events":[{"introduced":"ab82e0be779bf82aeced0da8bd85d8e48913e55a"},{"fixed":"7546a5b3897b2e7614cac843674e58619c1a4085"}],"database_specific":{"versions":[{"introduced":"2.0.0"},{"fixed":"2.5.0"}]}},{"type":"GIT","repo":"https://github.com/nextcloud/approval","events":[{"introduced":"0"},{"fixed":"81349ccba1e3d45abac267280e6f767143b829b4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.3.1"}]}}],"versions":["v0.0.3-2-nightly","v0.0.3-3-nightly","v0.0.3-4-nightly","v0.0.3-5-nightly","v0.0.4-1-nightly","v0.0.4-2-nightly","v0.0.6","v0.0.7","v0.0.8","v0.0.9","v1.0.0","v1.0.1","v1.0.10","v
1.0.10-2-nightly","v1.0.10-3-nightly","v1.0.11","v1.0.12","v1.0.13","v1.0.14","v1.0.2","v1.0.3","v1.0.4","v1.0.4-1-nightly","v1.0.5-1-nightly","v1.0.5-2-nightly","v1.0.5-3-nightly","v1.0.5-4-nightly","v1.0.5-5-nightly","v1.0.5-6-nightly","v1.0.6","v1.0.7","v1.0.7-1-nightly","v1.0.7-2-nightly","v1.0.7-3-nightly","v1.0.7-4-nightly","v1.0.8","v1.0.8-1-nightly","v1.0.9","v1.1.0","v1.1.1","v1.2.0","v1.3.0","v2.0.0","v2.1.0","v2.2.0","v2.3.0","v2.4.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-66515.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N"}]}