10 Jun 2024
Project and Agile Management
Kanboard: Vulnerability Enables Attackers to Hijack Projects
A high-severity vulnerability, CVE-2024-36399, was detected in Kanboard version 1.2.36. It allows attackers to take over any other project. To address this issue, users need to update to version 1.2.37. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36399/.
15 May 2024
Project and Agile Management
Kimai: Inconsistency Between UI and API Access in ‘view_other_timesheet’ Permission
A medium-severity vulnerability, CVE-2024-29200, was detected in all Kimai versions before 2.13.0. Setting the “view_other_timesheet” permission to true lets users see only their team’s timesheet entries in the Kimai UI, but the API returns all timesheet entries, regardless of team memberships. This vulnerability is resolved in version 2.13.0. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-29200/.