2 matches found
CVE-2017-15197
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new category to a private project of another user...
CVE-2017-15197
CVE-2017-15197 affects Kanboard pre-1.0.47. An authenticated user can bypass input checks by altering form data to add a new category to another user’s private project. The root cause is a lack of proper validation for form submissions that modify project metadata, enabling unauthorized category ...