2 matches found
CVE-2017-15208
In Kanboard prior to 1.0.47, an authenticated user can remove automatic actions from another user’s private project by altering form data. The CVE-2017-15208 issue arises from a server-side validation flaw that allows modifying project action state without proper authorization. Exploitation detai...
CVE-2017-15208
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove automatic actions from a private project of another user...