CVE-2023-33183
LowCVSS 2.6Exploitation Probability (EPSS)
Low risk35th percentile — higher than 35% of all known CVEs
Summary
The Calendar app for Nextcloud discloses some internal paths of the website when the SMTP server is unavailable. It is recommended to update the Calendar app to version 3.5.5 or 4.2.3.
Risk Assessment
The disclosure of internal paths may lead to potential attacks on the Nextcloud infrastructure, posing a risk to data security.
Recommendation
It is recommended to immediately update the Calendar app to the latest version to minimize the risk associated with information disclosure.
Original NVD description (English source)
Calendar app for Nextcloud easily sync events from various devices with your Nextcloud. Some internal paths of the website are disclosed when the SMTP server is unavailable. It is recommended that the Calendar app is updated to 3.5.5 or 4.2.3

