CSRF vulnerability in Nextcloud Desktop Client 3.6.1 on Windows when clicking malicious link