Openproject: >> Openproject >> 5.0.17 Security Vulnerabilities
OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session.
CVSS Score
8.1
EPSS Score
0.014
Published
2017-07-26
Page 4