Skip to main content
  1. Security/

Passcode bypass on Talk Android app

·1 min· loading · loading ·
Nextcloud bugbounty CVE-2023-22473
Christian Angel
Christian Angel
Table of Contents
It is possible to bypass the passcode protection in nextcloud android talk by clicking the notification of a message.

Proof of Concept:

  1. Create two users
  2. Using User A login it to the web interface while User B on Talk App Android
  3. Using User B setup the passcode protection in settings
  4. Using User A send a message to User B
  5. Wait for the notification and click it