CNNVD-202602-983 Information
Feb 06, 2026
cve
CNNVD ID
CNNVD-202602-983
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
OpenProject是OpenProject开源的一个基于Web的项目管理软件。 OpenProject 17.0.2之前版本存在安全漏洞,该漏洞源于拖放处理程序未正确检查目标会议部分,可能导致攻击者将会议议程项目移动到不同会议中。
Description (English)
OpenProject is a Web-based project management software from OpenProject Open Source. There was a security loophole in the previous version of OpenProject 17.0.2, which stemmed from a drag-and-disposal process that mischecked the target session segment and could lead to the attackers moving agenda items to different meetings.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
OpenProject
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/opf/openproject/releases/tag/v17.0.2 https://github.com/opf/openproject/security/advisories/GHSA-p9v8-w9ph-hqmf
Patch
https://github.com/opf/openproject/releases
Share on: