Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:12 p.m.5 views

CVE-2026-30239

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when budgets are deleted, the work packages that were assigned to this budget need to be moved to a different budget. This action was performed before the permission check on the delete action was executed. Thi...

7.1CVSS5.8AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 4:27 p.m.30 views

CVE-2026-30239 OpenProject has a Permission Check bypass on Budget deletion allows reassignment of WorkPackages into other budgets

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when budgets are deleted, the work packages that were assigned to this budget need to be moved to a different budget. This action was performed before the permission check on the delete action was executed. Thi...

6.5CVSS0.0019EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 4:27 p.m.5 views

CVE-2026-30239 OpenProject has a Permission Check bypass on Budget deletion allows reassignment of WorkPackages into other budgets

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when budgets are deleted, the work packages that were assigned to this budget need to be moved to a different budget. This action was performed before the permission check on the delete action was executed. Thi...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/11 4:27 p.m.2 views

CVE-2026-30239

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, when budgets are deleted, the work packages that were assigned to this budget need to be moved to a different budget. This action was performed before the permission check on the delete action was executed. Thi...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder