CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
Description
OpenProject is open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3.
Analysis
SQL injection in the OpenProject reporting module lets an authenticated user with only low privileges (CVSS PR:L) execute arbitrary SQL against the application database, with the rights of the application's database account rather than those of the user's own role (hence S:C with I:H/A:H in the vector). The vulnerable =n operator in the reporting library (modules/reporting/lib/report/operator.rb:177) concatenates the user-controlled filter value directly into the WHERE clause without parameterization, so anything appended after the expected number is interpreted as SQL. …
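The pattern the analysis describes, as an added example in Ruby that is not OpenProject's code (and whose hardened variant is one reasonable fix, not the patch the project shipped in 17.2.3): a hypothetical numeric-equals operator that interpolates the filter value into the WHERE clause, beside one that validates the value and returns a bind parameter. The class and method names, the column name `project_id`, and the two inputs are assumptions made for the illustration.

```ruby
# Added example, not OpenProject's code. A hypothetical "=n" (numeric equals)
# filter operator written two ways: the unsafe string-building pattern the
# advisory describes, and a hardened version that validates the value and
# hands the database a bind parameter. Class and method names are assumptions.

class UnsafeNumericEqOperator
  # Vulnerable pattern: the user-supplied filter value is interpolated into the
  # WHERE clause, so anything after the number becomes SQL.
  def where(field, value)
    "#{field} = #{value}"
  end
end

class SafeNumericEqOperator
  # Strict integer grammar: optional sign, digits, nothing else. This rejects
  # whitespace, "1_000", "0x1A" and of course "1 OR 1=1".
  NUMERIC = /\A-?\d+\z/

  # Hardened: refuse anything that is not an integer literal, then return a
  # placeholder fragment plus the bound value instead of a finished string.
  # With ActiveRecord the caller would do `Model.where(*operator.where(col, v))`.
  def where(field, value)
    text = value.to_s
    unless NUMERIC.match?(text)
      raise ArgumentError, "=n expects an integer, got #{text.inspect}"
    end
    ["#{field} = ?", Integer(text, 10)]
  end
end

# Constructed inputs: a benign filter value and a classic tautology payload.
BENIGN  = "42"
PAYLOAD = "1 OR 1=1"

# Runs both operators over both inputs and reports what each would send to the
# database. Returns a hash so the outcome can be inspected programmatically.
def compare_operators(field = "project_id")
  unsafe = UnsafeNumericEqOperator.new
  safe   = SafeNumericEqOperator.new
  result = {
    unsafe_benign:  unsafe.where(field, BENIGN),
    unsafe_payload: unsafe.where(field, PAYLOAD),
    safe_benign:    safe.where(field, BENIGN),
  }
  begin
    safe.where(field, PAYLOAD)
    result[:safe_payload] = :accepted   # must never happen
  rescue ArgumentError => e
    result[:safe_payload] = e.message
  end
  result
end

if __FILE__ == $PROGRAM_NAME
  compare_operators.each { |k, v| puts "#{k}: #{v.inspect}" }
end
```

Run stand-alone, the unsafe operator emits `project_id = 1 OR 1=1`, a clause that matches every row and, with a different payload, could carry a subquery, a stacked statement or whatever else the database grammar allows. The hardened operator never produces a finished SQL string: it returns the `?` fragment and the integer for the driver to bind, and the regex check and the `Integer()` conversion are independent layers, so a value that slipped past one would still be refused by the other.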
Remediation
Within 24 hours: inventory all OpenProject deployments and record their current versions; upgrade every instance to version 17.2.3 or later, which contains the fix. Where an upgrade cannot be scheduled immediately: restrict access to the reporting module to trusted administrative roles via role-based permissions; enable database query logging and monitor for anomalous statements originating from reporting filters. Within 7 days: confirm that no instance remains on a version prior to 17.2.3, and review query logs from the exposure window for signs of exploitation. …
EUVD-2026-18470