diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php
index f524debfb56..d047ea4e53e 100644
--- a/lib/private/Files/View.php
+++ b/lib/private/Files/View.php
@@ -732,6 +732,11 @@ class View {
 	public function rename($source, $target) {
 		$absolutePath1 = Filesystem::normalizePath($this->getAbsolutePath($source));
 		$absolutePath2 = Filesystem::normalizePath($this->getAbsolutePath($target));
+
+		if (str_starts_with($absolutePath2, $absolutePath1 . '/')) {
+			throw new ForbiddenException("Moving a folder into a child folder is forbidden", false);
+		}
+
 		$result = false;
 		if (
 			Filesystem::isValidPath($target)