opf Openproject Vulnerabilities
Opf Openproject vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Arbitrary File Write Vulnerability in OpenProject by OPF
CVE-2026-25763OpfOpenproject9.4CRITICALHTML Injection Vulnerability in OpenProject by OpenProject Foundation
CVE-2026-25764OpfOpenproject3.5LOWInsufficient Validation in OpenProject Allows Unauthorized Agenda Modification
CVE-2026-24776OpfOpenproject4.3MEDIUMCross-Site Request Forgery in OpenProject Web-Based Project Management Software
CVE-2026-24775OpfOpenproject6.3MEDIUMOpenProject Web-Based Project Management Software Vulnerability
CVE-2026-24772OpfOpenproject8.9HIGHArbitrary File Write Vulnerability in OpenProject by OpenProject Foundation
CVE-2026-24685OpfOpenproject9.4CRITICALPermission Check Flaw in OpenProject Affects User Group Visibility
CVE-2026-23721OpfOpenproject4.3MEDIUMSession Management Flaw in OpenProject by OpenProject Foundation
CVE-2026-23646OpfOpenproject6.5MEDIUMStored Cross-Site Scripting Vulnerability in OpenProject Project Management Software
CVE-2026-23625OpfOpenproject8.7HIGHAccess Control Issue in OpenProject Affects User Meeting Permissions
CVE-2026-22605OpfOpenproject4.3MEDIUMUser Enumeration Flaw in OpenProject by OPF
CVE-2026-22604OpfOpenproject6.9MEDIUMUnauthenticated Password Change Vulnerability in OpenProject by OPF
CVE-2026-22603OpfOpenproject6.9MEDIUMUser Information Exposure in OpenProject by Opf
CVE-2026-22602OpfOpenproject3.5LOWCommand Execution Vulnerability in OpenProject by OpenProject Community
CVE-2026-22601OpfOpenproject8.6HIGHLocal File Read Vulnerability in OpenProject by OpenProject
CVE-2026-22600OpfOpenproject9.1CRITICALImproper Input Sanitization in OpenProject Web-Based Project Management Software
CVE-2025-24892OpfOpenproject3.5LOWOpenProject addresses phishing vulnerability in default packaged installations
CVE-2024-41801OpfOpenproject6.1MEDIUMStored XSS in Cost Report feature via {icon} substitution
CVE-2024-35224OpfOpenproject7.6HIGHOpenProject vulnerable to project identifier information leakage through robots.txt
CVE-2023-33960opfopenprojectEPSS 23%7.5HIGHOpenProject user sessions not terminated after activation of 2FA
CVE-2023-31140OpfOpenproject4.8MEDIUMSQL injection in OpenProject
CVE-2021-43830OpfOpenproject7.4HIGHRegular Expression Denial of Service in OpenProject forum messages
CVE-2021-32763OpfOpenproject4.3MEDIUM