Offensive Sequence
🌐@offseq@infosec.exchange·
1 min read
⚠️ CRITICAL: CVE-2026-32703 in OpenProject (<16.6.9, <17.0.6, <17.1.3, <17.2.1) enables persistent XSS via repo filenames. Attackers w/ push access can inject scripts — risk: session hijack, data theft. Patch now! https://radar.offseq.com/threat/cve-2026-32703-cwe-79-improper-neutralization-of-i-f2afc489 #OffSeq #XSS #OpenProject #Vuln
Start your own journal on Inkwell
No algorithms, no ads — just your writing, your way. Customize your space, connect with readers, and join the open social web.
Get started — it's freeFree to use. Part of the open social web.
Marginalia