A vulnerability was found in OpenProject up to 11.3.2 (Project Management Software). It has been rated as critical. Affected by this issue is the function MessagesController. Upgrading to version 11.3.3 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.
OpenProject up to 11.3.2 MessagesController incorrect regex
- Virtual Patching
- July 21, 2021
- 10:04 am
- Virtual Patching
- July 21, 2021
- 10:04 am
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW
Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to
CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION
Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely
CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD
Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and