CVE-2026-32698 | opf openproject up to 16.6.8/17.0.5/17.1.2/17.2.0 Repositories sql injection (GHSA-jqhf-rf9x-9rhx)

A vulnerability, which was classified as critical, was found in opf openproject up to 16.6.8/17.0.5/17.1.2/17.2.0. This affects an unknown function of the component Repositories Module. The manipulation results in sql injection.

This vulnerability is reported as CVE-2026-32698. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More