Kanboard: >> Kanboard >> 1.0.15 Security Vulnerabilities
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit metadata of a private project of another user, as demonstrated by Name, Email, Identifier, and Description.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tags of a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit columns of a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can remove categories from a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can download attachments from a private project of another user.
CVSS Score
4.3
EPSS Score
0.003
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can add an internal link to a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
In Kanboard before 1.0.47, by altering form data, an authenticated user can edit tasks of a private project of another user.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-11
An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-14