ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation | Ars Technica
“The vulnerability, which carries the maximum severity rating of 10, makes it possible to obtain passwords and cryptographic keys allowing administrative control of a vulnerable server by sending a simple Web request to a static URL”
Basic auth is better than no auth, but it is absolutely not a recommended auth method these days
I use it on top of nextcloud auth
Basic auth is a base64 of your login credentials, might as well be plain text. You should absolutely not be using basic auth if you have other options