Skip to content
Medium Published: Oct 11, 2017 Modified: Apr 20, 2025

CVE-2017-15195

4.3 CVSS Score Medium
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Export CVE-2017-15195 Data:
Share:
Link copied!

Description

In Kanboard before 1.0.47, by altering form data, an authenticated user can edit swimlanes of a private project of another user.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability None

Affected Software Configurations

  • a kanboard kanboard 1.0.0 * * * * * * *
  • a kanboard kanboard 1.0.1 * * * * * * *
  • a kanboard kanboard 1.0.2 * * * * * * *
  • a kanboard kanboard 1.0.3 * * * * * * *
  • a kanboard kanboard 1.0.4 * * * * * * *
  • a kanboard kanboard 1.0.5 * * * * * * *
  • a kanboard kanboard 1.0.6 * * * * * * *
  • a kanboard kanboard 1.0.7 * * * * * * *
  • a kanboard kanboard 1.0.8 * * * * * * *
  • a kanboard kanboard 1.0.9 * * * * * * *

Weaknesses (CWE)

  • CWE-639

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2017-15196 CVSS 0 Same weakness: CWE-639 CVE-2017-15197 CVSS 0 Same weakness: CWE-639 CVE-2017-15199 CVSS 0 Same weakness: CWE-639 CVE-2017-15200 CVSS 0 Same weakness: CWE-639 CVE-2017-15201 CVSS 0 Same weakness: CWE-639

CVE History Timeline

Oct 19, 2017 22:25 Initial Analysis
Oct 03, 2019 00:03 CWE Remap
May 14, 2024 04:23 CVE Modified
Nov 21, 2024 03:14 CVE Modified
← Back to CVE Tracker