Tag
OpenProject versions before 17.2.3 are susceptible to SQL injection due to improper input sanitization in the '=n' operator, potentially allowing remote attackers to execute arbitrary SQL commands.