wid-sec-w-2026-0628  ·  Published 2026-03-05  ·  Source: BSI CERT-Bund

Nextcloud Flow: Vulnerability allows execution of arbitrary program code with administrator privileges

CVSS 6.9 MEDIUM

Risk Summary

Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's get_log_file endpoint (/api/w/{workspace}/jobs_u/get_log_file/(unknown)). The filename parameter is concatenated into a file path without sanitization, allowing an attacker to read arbitrary files on the server using ../ sequences. This issue has been patched in version 1.603.3.
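The summary above describes the classic shape of this bug: a client-supplied filename joined onto a directory with no validation. The following is an added example, written for this page and not code from Windmill, Nextcloud or the advisory, that puts that unsafe concatenation next to a hardened lookup which only accepts a single plain filename component, and adds a small access-log check a defender can run to spot ".." segments (including the usual percent-encoded forms) in requests to such an endpoint. The directory /var/lib/app/logs, the function names and the three log lines are all constructed for the example.

```rust
use std::path::{Component, Path, PathBuf};

/// Vulnerable pattern as the advisory describes it: the client-supplied
/// filename is concatenated onto the directory with no validation, so
/// "../" segments walk out of the log directory. Kept here only to
/// contrast with the hardened version below; do not use this.
fn unsafe_log_path(log_dir: &str, filename: &str) -> String {
    format!("{}/{}", log_dir, filename)
}

/// Hardened lookup: accept exactly one plain path component (no "..",
/// no leading "/", no subdirectory) and join it onto the log directory.
/// Everything else is rejected before any file system access happens.
/// Assumes the web framework has already percent-decoded the parameter,
/// as routers normally do; a literal "%2F" left undecoded is just an odd
/// filename, not a traversal.
fn safe_log_path(log_dir: &Path, filename: &str) -> Result<PathBuf, String> {
    let mut parts = Path::new(filename).components();
    match (parts.next(), parts.next()) {
        (Some(Component::Normal(name)), None) => Ok(log_dir.join(name)),
        _ => Err(format!("rejected log filename {:?}", filename)),
    }
}

/// Minimal percent-decoding of the two byte values that matter for
/// traversal detection ("%2e" -> ".", "%2f" -> "/"); nothing else is touched.
fn decode_dots_and_slashes(s: &str) -> String {
    s.replace("%2e", ".")
        .replace("%2E", ".")
        .replace("%2f", "/")
        .replace("%2F", "/")
}

/// Detection helper for web server logs: true when the request path
/// contains a ".." segment once the common percent-encodings are undone.
fn request_path_has_traversal(request_path: &str) -> bool {
    decode_dots_and_slashes(request_path)
        .split('/')
        .any(|seg| seg == "..")
}

/// Constructed sample access-log lines (combined-log style, not from any
/// real system) used to exercise the detection helper.
const SAMPLE_LOG_LINES: [&str; 3] = [
    r#"203.0.113.5 - - [05/Mar/2026:10:00:01 +0000] "GET /api/w/demo/jobs_u/get_log_file/job-42.log HTTP/1.1" 200 512"#,
    r#"203.0.113.9 - - [05/Mar/2026:10:00:02 +0000] "GET /api/w/demo/jobs_u/get_log_file/..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1843"#,
    r#"203.0.113.9 - - [05/Mar/2026:10:00:03 +0000] "GET /api/w/demo/jobs_u/get_log_file/../../etc/hosts HTTP/1.1" 404 0"#,
];

/// Returns the 1-based line numbers whose request path shows a traversal
/// attempt. The request is taken from the first double-quoted field
/// ("GET /path HTTP/1.1") and the path is the token after the method.
fn flag_traversal_lines(lines: &[&str]) -> Vec<usize> {
    lines
        .iter()
        .enumerate()
        .filter_map(|(i, line)| {
            let request = line.split('"').nth(1)?;
            let path = request.split_whitespace().nth(1)?;
            if request_path_has_traversal(path) { Some(i + 1) } else { None }
        })
        .collect()
}

fn main() {
    let log_dir = Path::new("/var/lib/app/logs");
    println!("unsafe join: {}", unsafe_log_path("/var/lib/app/logs", "../../etc/passwd"));
    for name in ["job-42.log", "../../etc/passwd", "/etc/hosts", "sub/x.log", ""] {
        println!("{:>18} -> {:?}", name, safe_log_path(log_dir, name));
    }
    println!("flagged log lines: {:?}", flag_traversal_lines(&SAMPLE_LOG_LINES));
}
```

The lexical check in safe_log_path is the first line of defence because it needs no file system access and fails closed on anything that is not a bare filename. For defence in depth, a server that also follows symlinks inside the log directory should additionally canonicalize the joined path and confirm it still starts with the canonicalized log directory before opening it.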

CVEs (1)

Affected Vendors

Nextcloud

Affected Products (2)

Nextcloud · Nextcloud Flow <1.3.0
Nextcloud · Nextcloud Flow 1.3.0
