Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/20 6:18 p.m.6 views

CVE-2026-23721

OpenProject is an open-source, web-based project management software. When using groups in OpenProject to manage users, the group members should only be visible to users that have the View Members permission in any project that the group is also a member of. Prior to versions 17.0.1 and 16.6.5, d...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/19 5:52 p.m.5 views

CVE-2026-23721

OpenProject is an open-source, web-based project management software. When using groups in OpenProject to manage users, the group members should only be visible to users that have the View Members permission in any project that the group is also a member of. Prior to versions 17.0.1 and 16.6.5, d...

4.3CVSS5.4AI score0.00176EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/19 5:52 p.m.5 views

CVE-2026-23721 OpenProject users with "View Members" permission in any project can view all Group memberships

OpenProject is an open-source, web-based project management software. When using groups in OpenProject to manage users, the group members should only be visible to users that have the View Members permission in any project that the group is also a member of. Prior to versions 17.0.1 and 16.6.5, d...

4.3CVSS5.4AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/01/19 5:52 p.m.6 views

CVE-2026-23721 OpenProject users with "View Members" permission in any project can view all Group memberships

OpenProject is an open-source, web-based project management software. When using groups in OpenProject to manage users, the group members should only be visible to users that have the View Members permission in any project that the group is also a member of. Prior to versions 17.0.1 and 16.6.5, d...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References3
Rows per page
Query Builder