Key Information 1. Vulnerability Description: - Title: Open redirect when logging in with user_oidc - Report ID: #2720030 - Report Time: September 16, 2024, 12:13 UTC 2. Reporter: - Username: kesselb 3. Report Status: - Status: Resolved - Disclosure Time: November 15, 2024, 3:56 UTC 4. Vulnerability Type: - Severity: No rating (---) - Weakness: Open Redirect 5. CVE ID: CVE-2024-52512 6. Participants: - Reporter: kesselb - Reported To: Nextcloud - Participants: Nextcloud staff 7. Timeline: - Report Submitted: September 16, 2024, 12:13 UTC - Status Change: September 16, 2024, 12:13 UTC (Submitted) - Status Change: September 16, 2024, 12:51 UTC (Marked as In Progress) - Status Change: October 18, 2024, 7:31 UTC (Closed and Marked as Resolved) - Status Change: November 15, 2024, 3:56 UTC (Disclosed) 8. Reward Information: - Reward: None Summary This is a report of an Open Redirect vulnerability in Nextcloud, submitted by the reporter on September 16, 2024. Nextcloud marked it as resolved on October 18, 2024, and officially disclosed it on November 15, 2024.