references/openproject
1
0
Fork 0
mirror of https://github.com/opf/openproject.git synced 2026-06-14 03:30:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
16d9c86f775099dfd5f355ccecd2bda79a030749
openproject/docs/release-notes/17-2-3
T
History
Oliver Günther 373ef9172e Update security fixes
2026-03-31 08:52:25 +02:00
..
README.md
Update security fixes
2026-03-31 08:52:25 +02:00

README.md

title, sidebar_navigation, release_version, release_date
title sidebar_navigation release_version release_date
OpenProject 17.2.3
title
17.2.3
17.2.3 2026-03-31

OpenProject 17.2.3

Release date: 2026-03-31

We released OpenProject OpenProject 17.2.3. The release contains several bug fixes and we recommend updating to the newest version. Below you will find a complete list of all changes and bug fixes.

Security fixes

CVE-2026-34717 - SQL Injection in Cost Reporting =n Operator via parse_number_string

The =n operator in cost reports did not appropriately treat user input

This vulnerability was reported by user Ochk0 through a GitHub security advisory. Thank you for responsibly disclosing your findings.

For more information, please see the GitHub advisory #GHSA-5rrm-6qmq-2364

Bug fixes and changes

Reference in New Issue View Git Blame Copy Permalink