CVE-2025-69284 | makeplane up to 1.1.x members display_name access control

Inserito da Angelo Barbosa | Gen 2, 2026 | CVE

A vulnerability was found in makeplane plane up to 1.1.x. It has been declared as critical. The affected element is an unknown function of the file /api/workspaces/:slug/members/. Such manipulation of the argument display_name leads to improper access controls.

This vulnerability is uniquely identified as CVE-2025-69284. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.

CVE-2025-69284 | makeplane up to 1.1.x members display_name access control

Post correlati

CVE-2024-2562 | PandaXGO PandaX up to 20240310 role_menu.go InsertRole roleKey sql injection

CVE-2024-32129 | Freshworks Freshdesk Plugin up to 2.3.4 on WordPress redirect

CVE-2024-11720 | shabti Frontend Admin Plugin up to 3.24.5 on WordPress cross site scripting

CVE-2024-38175 | Microsoft Azure Managed Instance for Apache Cassandra access control