Back to CVE List

CVE-2026-27723

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
4.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Vulnerability Description

OpenProject is an open-source, web-based project management software. Prior to versions 17.0.5 and 17.1.2, an attacker can create wiki pages belonging to unpermitted projects through an improperly authenticated request. This issue has been patched in versions 17.0.5 and 17.1.2.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-284
Source
NVD
Vendor
opf
Product
openproject

External References

Discussion (0)

Add Comment

No comments yet. Be the first!