VYPR
Unrated severityNVD Advisory· Published May 13, 2019· Updated Aug 4, 2024

CVE-2019-11600

CVE-2019-11600

Description

A SQL injection vulnerability in the activities API in OpenProject before 8.3.2 allows a remote attacker to execute arbitrary SQL commands via the id parameter. The attack can be performed unauthenticated if OpenProject is configured not to require authentication for API access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • OpenProject/OpenProjectdescription
  • Opf/Openprojectllm-fuzzy
    Range: <8.3.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.