It is possible to bypass the passcode protection in nextcloud android talk by clicking the notification of a message.
Proof of Concept: #
- Create two users
- Using User A login it to the web interface while User B on Talk App Android
- Using User B setup the passcode protection in settings
- Using User A send a message to User B
- Wait for the notification and click it
References #
- https://hackerone.com/reports/1784645
- https://nvd.nist.gov/vuln/detail/CVE-2023-22473
- https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wvr4-gc4c-6vmx