CVE-2017-15210

In Kanboard before 1.0.47, by altering form data, an authenticated user can see thumbnails of pictures from a private project of another user.

Date published : 2017-10-10

http://openwall.com/lists/oss-security/2017/10/04/9

https://github.com/kanboard/kanboard/commit/7100f6de8a1f566e260b3e65312767e4cde112b1