Количество 2
Количество 2
CVE-2017-11667
OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session.
GHSA-2w7h-66vj-246p
OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-11667 OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session. | CVSS3: 8.1 | 1% Низкий | больше 8 лет назад |
| GHSA-2w7h-66vj-246p OpenProject before 6.1.6 and 7.x before 7.0.3 mishandles session expiry, which allows remote attackers to perform APIv3 requests indefinitely by leveraging a hijacked session. | CVSS3: 8.1 | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу