Medium severity5.4NVD Advisory· Published Jun 1, 2026· Updated Jun 2, 2026
CVE-2026-10285
CVE-2026-10285
Description
A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The project was informed of the problem early through an issue report but has not responded yet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=2.0.0-beta1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.