CVE-2026-33667 | opf openproject up to 17.2.x Setting confirm_otp excessive authentication (GHSA-234r-45m2-w6cv)

A vulnerability classified as problematic has been found in opf openproject up to 17.2.x. This vulnerability affects the function confirm_otp of the component Setting Handler. This manipulation causes improper restriction of excessive authentication attempts.

This vulnerability is handled as CVE-2026-33667. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More