CNNVD-202510-3786 Information

CNNVD ID

CNNVD-202510-3786

CVE-2025-62367

  • CNNVD Published: 2025-10-28

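Description (translated from Chinese)

Taiga is a free, open-source project management tool from Taiga. Taiga 6.8.3 and earlier versions contain a SQL injection vulnerability. The vulnerability stems from a time-based blind SQL injection in the API and may lead to the disclosure of sensitive data.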

Description (English)

Taiga is a free, open-source project management tool developed by Taiga. Taiga 6.8.3 and earlier versions are affected by a SQL injection vulnerability, which stems from a time-based blind SQL injection in the API and could lead to the disclosure of sensitive data.

Hazard Level

High

Vulnerability Type

SQL injection

Affected Vendor

Taiga

Published

2025-10-28

Last Modified

2026-02-24

References

https://github.com/taigaio/taiga-back/security/advisories/GHSA-chm9-9wwq-xffj

https://access.redhat.com/security/cve/cve-2025-62367

Patch

https://github.com/taigaio/taiga-back/tags
