CVE-2026-45278
Open Redirect Vulnerability in Nextcloud
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nextcloud | user_oidc | From 6.1.0 (inc) to 8.2.2 (exc) |
| nextcloud | user_oidc | 8.2.2 |
| nextcloud | nextcloud | From 6.1.0 (inc) to 8.2.2 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-45278 is an Open Redirect vulnerability in the Nextcloud user_oidc login flow. It affects versions from 6.1.0 up to but not including 8.2.2. An attacker can craft malicious links that redirect users to external websites when the users attempt to log in via the OpenID Connect (OIDC) protocol. This happens because the validation of redirect URLs was insufficient, allowing absolute URLs to be used for redirection.
This vulnerability was patched in version 8.2.2 by improving the validation of redirect URLs to prevent the use of absolute URLs, thereby strengthening security in the user_oidc backend.
How can this vulnerability impact me?
This vulnerability can impact users by allowing attackers to redirect them to malicious or untrusted websites during the login process via user_oidc. This could potentially lead to phishing attacks or other social engineering exploits if users trust the redirected site.
The attack requires user interaction, specifically clicking on a crafted malicious link. The severity is considered low with a CVSS score of 3.3, indicating limited impact but still a security risk.
To mitigate this risk, users should upgrade to Nextcloud user_oidc version 8.2.2 or later, where the vulnerability has been patched.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves crafted links that redirect users to external websites during the user_oidc login flow in Nextcloud versions before 8.2.2. Detection would involve monitoring login attempts for unusual or unexpected redirect URLs.
Since the issue is related to URL redirection during login, you can inspect web server logs or Nextcloud logs for login requests containing suspicious redirect parameters.
Commands to help detect this might include searching logs for redirect parameters or suspicious URLs, for example:
- `grep -i 'redirect' /path/to/nextcloud/data/nextcloud.log`
- `grep -Eo 'redirect_uri=[^&]+' /var/log/apache2/access.log | sort | uniq -c`
- Use network monitoring tools to capture HTTP requests during login and analyze redirect URLs for external domains.
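The two points above, the fix described for 8.2.2 (only path-only redirect targets are accepted) and the log review suggested here, share one question: does a given redirect value stay on the instance's own host? The following is an added example, not code from Nextcloud or the user_oidc app, that answers it once and uses the answer both ways: `is_local_path` and `safe_redirect` show the strict allow-list check a login flow should apply before issuing a Location header, and `off_host_redirects` applies a looser version of the same test to access-log lines. The origin `cloud.example.org`, the parameter names in `REDIRECT_PARAMS` (only `redirect_uri` appears in the advisory) and the request path in the sample log are assumptions, not the app's real routes; the log lines themselves are constructed.

```python
"""
Added example, not code from Nextcloud or the user_oidc app: one strict
classifier for post-login redirect targets, used (a) to accept only
same-origin paths when issuing the redirect and (b) to scan access-log
lines for targets that would have sent the browser off the instance.
"""
import re
from urllib.parse import parse_qs, unquote, urljoin, urlsplit

# Assumed origin of the instance; only used to resolve and compare hosts.
OWN_ORIGIN = "https://cloud.example.org"
OWN_HOST = urlsplit(OWN_ORIGIN).netloc

# Assumed parameter names to inspect. Only "redirect_uri" is named in the
# advisory; adjust the tuple to the parameters your deployment actually uses.
REDIRECT_PARAMS = ("redirect_uri", "redirect_url", "redirectUrl", "target")


def is_local_path(target: str) -> bool:
    """True only for a path-only target that cannot leave OWN_HOST."""
    if not target or not target.startswith("/"):
        return False
    # "//host" is scheme-relative and browsers read "/\host" the same way,
    # so both are refused even though they start with "/".
    if len(target) > 1 and target[1] in "/\\":
        return False
    # Control characters are stripped or reinterpreted by some parsers;
    # refuse them instead of guessing how a browser would treat them.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in target):
        return False
    parts = urlsplit(target)
    return parts.scheme == "" and parts.netloc == ""


def safe_redirect(target: str, fallback: str = "/") -> str:
    """Return the Location value to send: the validated target, else fallback."""
    chosen = target if is_local_path(target) else fallback
    final = urljoin(OWN_ORIGIN + "/", chosen)
    # Defence in depth: the resolved URL must still sit on our own host.
    if urlsplit(final).netloc != OWN_HOST:
        return OWN_ORIGIN + fallback
    return final


def leaves_own_host(value: str) -> bool:
    """True if a logged redirect value would send the browser off OWN_HOST.

    Unlike is_local_path this tolerates absolute URLs back to our own host,
    because an OIDC redirect_uri pointing at the instance itself is normal.
    """
    v = value.strip()
    if v.startswith("/") and len(v) > 1 and v[1] in "/\\":
        return True  # scheme-relative //host or /\host
    parts = urlsplit(v.replace("\\", "/"))
    if parts.scheme and parts.scheme not in ("http", "https"):
        return True  # non-web scheme
    return bool(parts.netloc) and parts.netloc.lower() != OWN_HOST


# Request-line part of a combined-format access-log entry.
REQ_RE = re.compile(r'"(?:[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def off_host_redirects(log_text: str) -> list[tuple[str, str, str]]:
    """Return (client_ip, param, decoded_value) for each off-host redirect."""
    findings = []
    for line in log_text.splitlines():
        m = REQ_RE.search(line)
        if not m:
            continue
        client = line.split(" ", 1)[0]
        query = urlsplit(m.group("path")).query
        for name, values in parse_qs(query, keep_blank_values=True).items():
            if name not in REDIRECT_PARAMS:
                continue
            for raw in values:
                # Decode once more: double encoding is a common way to get an
                # absolute URL past a naive prefix check.
                value = unquote(raw)
                if leaves_own_host(value):
                    findings.append((client, name, value))
    return findings


# Constructed sample log. The request path and parameter name are
# placeholders, not the real user_oidc routes.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jun/2026:10:00:01 +0000] "GET /index.php/login/oidc?redirectUrl=%2Fapps%2Ffiles HTTP/1.1" 302 0
203.0.113.9 - - [01/Jun/2026:10:00:07 +0000] "GET /index.php/login/oidc?redirectUrl=https%3A%2F%2Fattacker.example%2Flogin HTTP/1.1" 302 0
203.0.113.9 - - [01/Jun/2026:10:00:09 +0000] "GET /index.php/login/oidc?redirectUrl=%2F%2Fattacker.example%2F HTTP/1.1" 302 0
198.51.100.2 - - [01/Jun/2026:10:01:00 +0000] "GET /index.php/login/oidc?redirect_uri=https%3A%2F%2Fcloud.example.org%2Fapps%2Ffiles HTTP/1.1" 302 0
"""

if __name__ == "__main__":
    for client, name, value in off_host_redirects(SAMPLE_LOG):
        print(f"{client} {name}={value}")
```

Run against the constructed log, the scanner reports only the two requests from 203.0.113.9: the absolute `https://attacker.example/login` and the scheme-relative `//attacker.example/`. The last line is deliberately left unflagged: an absolute `redirect_uri` back to the instance's own host is how OIDC normally works, so a grep that merely counts `redirect_uri=` values will be dominated by legitimate traffic, and the host comparison is what makes the review useful. On the enforcement side, `is_local_path` is stricter than `leaves_own_host` on purpose: once a login flow accepts any absolute URL, it has to get host comparison exactly right, whereas a path-only allow-list has nothing to get wrong.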
What immediate steps should I take to mitigate this vulnerability?
The primary and recommended mitigation step is to upgrade the Nextcloud user_oidc app to version 8.2.2 or later, where the vulnerability has been patched.
No workarounds are available, so applying the official patch by updating is essential to prevent exploitation.
Additionally, educating users to be cautious about clicking on suspicious login links can help reduce risk until the update is applied.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.