{"id":"CVE-2017-12851","details":"An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.","modified":"2026-04-10T03:56:53.171824Z","published":"2017-08-14T20:29:00.217Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/100352"},{"type":"FIX","url":"https://github.com/kanboard/kanboard/commit/b79b18efd7a1a8b591753a4eddd473f88d55b7df"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kanboard/kanboard","events":[{"introduced":"0"},{"last_affected":"217977500a6c10f71bcffed19ec6dee2466d4a84"},{"fixed":"b79b18efd7a1a8b591753a4eddd473f88d55b7df"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.45"}]}}],"versions":["v1.0.0","v1.0.1","v1.0.10","v1.0.11","v1.0.12","v1.0.13","v1.0.14","v1.0.15","v1.0.16","v1.0.17","v1.0.18","v1.0.19","v1.0.2","v1.0.20","v1.0.26","v1.0.27","v1.0.28","v1.0.29","v1.0.3","v1.0.30","v1.0.31","v1.0.32","v1.0.33","v1.0.34","v1.0.35","v1.0.36","v1.0.37","v1.0.38","v1.0.39","v1.0.4","v1.0.40","v1.0.41","v1.0.42","v1.0.43","v1.0.44","v1.0.45","v1.0.5","v1.0.6","v1.0.7","v1.0.8","v1.0.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12851.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}