Design/Logic Flaw

2017-10-1101:32:00

PRIOn knowledge base

www.prio-n.com

4.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.9%

JSON

In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user.

CPENameOperatorVersion
kanboardeq1.0.5
kanboardeq1.0.0
kanboardeq1.0.3
kanboardeq1.0.2
kanboardeq1.0.1
kanboardeq1.0.4
kanboardeq1.0.6
kanboardeq1.0.7
kanboardeq1.0.8
kanboardeq1.0.9

Name	Operator	Version
kanboard	eq	1.0.5
kanboard	eq	1.0.0
kanboard	eq	1.0.3
kanboard	eq	1.0.2
kanboard	eq	1.0.1
kanboard	eq	1.0.4
kanboard	eq	1.0.6
kanboard	eq	1.0.7
kanboard	eq	1.0.8
kanboard	eq	1.0.9