CVE-2025-66514 | Nextcloud Mail up to 5.5.2 Message cross site scripting (GHSA-v394-8gpc-6fv5)

A vulnerability described as problematic has been identified in Nextcloud Mail up to 5.5.2. This affects an unknown part of the component Message Handler. Such manipulation leads to basic cross site scripting.

This vulnerability is documented as CVE-2025-66514. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More