Protect

Counter measures across the security fabric for protecting assets, data and network.

AI-Protect Security

Anti-Botnet

AntiMalware

AntiSpam

Application Control

Intrusion Protection

Operational Technology Security

Sandbox Behavior Engine

Web Application Security

Web Filtering

Detect

Find and correlate important information to identify an outbreak. Find and correlate

Anti-Recon and Anti-Exploit

Cloud Threat Detection

Endpoint Detection & Response

Indicators of Compromise

Outbreak Deception

Outbreak Detection

Security Automation

Respond Develop containment techniques to mitigate impacts of security events. Develop containment

Endpoint Detection and Response

Endpoint Forensics

Incident Response

Recover

Improve security posture and processes by implementing security awareness and training.

Assessment Services

NSE Training

Security Awareness Training

Description

This indicates an attack attempt to exploit a SQL Injection Vulnerability in OPF OpenProject.
A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the Activities API endpoint. Successful exploitation results in the execution of arbitrary SQL code against the underlying database.

Affected Products

OPF OpenProject 5.0.0 - 8.3.1

Impact

System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://groups.google.com/forum/# !msg/openproject-security/XlucAJMxmzM/hESpOaFVAwAJ

Telemetry