CVE-2026-10285
Gravedad CVSS v4.0:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
01/06/2026
Última modificación:
02/06/2026
Descripción
*** Pendiente de traducción *** A vulnerability has been found in DevaslanPHP project-management up to 2.0.0-beta1. Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/Helpers/KanbanScrumHelper.php of the component Ticket Handler. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The project was informed of the problem early through an issue report but has not responded yet.
Impacto
Puntuación base 4.0
5.30
Gravedad 4.0
MEDIA
Puntuación base 3.x
5.40
Gravedad 3.x
MEDIA
Puntuación base 2.0
5.50
Gravedad 2.0
MEDIA



