CVE-2026-27723

Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.0.5 OpenProject versions prior to 17.1.2

Description OpenProject is a web-based project management software. An attacker can create wiki pages for projects they are not authorized to access by sending an improperly authenticated request.

Recommendations Update to OpenProject version 17.0.5 or later. Update to OpenProject version 17.1.2 or later.