2 matches found
CVE-2021-43830
OpenProject is a web-based project management software. OpenProject versions = 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the "Edit budgets" permission, the request to reassign work packages to another budget unsufficiently sanitizes user input in...
CVE-2021-43830
OpenProject is a web-based project management software. OpenProject versions = 12.0.0 are vulnerable to a SQL injection in the budgets module. For authenticated users with the "Edit budgets" permission, the request to reassign work packages to another budget unsufficiently sanitizes user input in...