Nextcloud disclosed on HackerOne: Bypassing lock protection

Nextcloud allows multiple accounts within the Android client app and relies on a single lock. Based on the (exposed) intent `nc://login`, it is possible to add a new account under an attacker domain and open Nextcloud without the lock check.

# Proof of concept

1. Open the NC app with the lock displayed…