CVE-2017-15199

Published: Oct 10, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/kanboard/kanboard/commit/074f6c104f3e49401ef0065540338fc2d4be79f0

x_refsource_MISC

http://openwall.com/lists/oss-security/2017/10/04/9

x_refsource_MISC

https://kanboard.net/news/version-1.0.47

x_refsource_MISC

https://github.com/kanboard/kanboard/commit/3e0f14ae2b0b5a44bd038a472f17eac75f538524

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15199

Description

Affected Products

References