Unauthorized Access Vulnerability in Kanboard by Kanboard
CVE-2017-15195

4.3MEDIUM

Key Information:

Vendor: Kanboard
Status: Kanboard
Vendor: CVE Published:; 11 October 2017

🔔 Create Kanboard Vulnerability Alert

What is CVE-2017-15195?

In versions of Kanboard prior to 1.0.47, an authenticated user can exploit the system by altering form data, thereby gaining unauthorized access to edit swimlanes of private projects owned by other users. This vulnerability poses a significant risk of data manipulation and privacy breaches within project management workflows.

References

https://github.com/kanboard/kanboard/commit/074f6c104f3e4...

x_refsource_MISC

http://openwall.com/lists/oss-security/2017/10/04/9

x_refsource_MISC

https://kanboard.net/news/version-1.0.47

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 11, 2017

.

CVE-2017-15195 : Unauthorized Access Vulnerability in Kanboard by Kanboard