2 matches found
PT-2026-52911
Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.3 OpenProject versions prior to 17.4.1 Description Cache store poisoning allows for Remote Code Execution RCE, a process where an attacker executes arbitrary code on a remote machine. Recommendations Update t...
Rukovoditel cross-site scripting vulnerability (CNVD-2021-50935)
Rukovoditel is a free web-based open source project management application. A stored cross-site scripting vulnerability exists in the 'User Alerts' feature in Rukovoditel version 2.7.2, which can be exploited to execute arbitrary web script or HTML via the 'Title' parameter...