Plane User Email Modification Vulnerability Leading to Account Takeover

Vulnerability

A vulnerability exists in Plane project management software versions prior to 0.23, where insecure permissions in the UserSerializer allow users to modify read-only fields, such as email. This flaw can result in account takeover when combined with another vulnerability, like cross-site scripting (XSS).

Impact

Exploitation of this vulnerability allows a user to change the email address on an account to one controlled by them, potentially leading to unauthorized access to that account, especially when chained with an XSS vulnerability.

Reproduction

To reproduce this vulnerability, send a PATCH request to the '/api/users/me' endpoint with a JSON body containing the new email address. The request will be accepted, allowing the email to be changed to one controlled by the attacker.
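The following is an added illustration, not Plane's own code, of the serializer behaviour described above: a minimal stand-in for a user-profile update path that applies a PATCH body to the current user's record. The pre-fix variant applies every field the client sends, so an email change is accepted; the hardened variant declares an explicit read-only set and rejects requests that touch it, which both blocks the change and gives the request a distinct error that can be logged. The class and function names, the field list, and the sample PATCH body are all assumptions constructed for this example.

```python
# Added example, not from the Plane project: models the difference between
# a serializer that accepts every submitted field and one that enforces
# read-only fields on the PATCH /api/users/me path.
# User, READ_ONLY_FIELDS, WRITABLE_FIELDS, vulnerable_update, hardened_update
# and ReadOnlyFieldError are assumed names for this illustration.
from dataclasses import dataclass, asdict


@dataclass
class User:
    id: int
    email: str
    display_name: str
    is_active: bool


# Fields that identify or authorise the account. A client must never set them
# through a self-service profile update; email in particular drives password
# resets and login, so rewriting it hands the account to whoever owns the
# new address.
READ_ONLY_FIELDS = frozenset({"id", "email", "is_active"})
# Fields a user may legitimately change about themselves.
WRITABLE_FIELDS = frozenset({"display_name"})


class ReadOnlyFieldError(ValueError):
    """Raised when a PATCH body attempts to set a read-only field."""


def vulnerable_update(user: User, payload: dict) -> User:
    """Pre-fix behaviour: any key matching a model field is applied as-is."""
    data = asdict(user)
    data.update({k: v for k, v in payload.items() if k in data})
    return User(**data)


def blocked_fields(payload: dict) -> list:
    """Return the read-only fields a request tried to set (sorted, may be empty)."""
    return sorted(k for k in payload if k in READ_ONLY_FIELDS)


def hardened_update(user: User, payload: dict) -> User:
    """Post-fix behaviour: reject read-only fields, drop unknown ones,
    and apply only the explicitly writable set."""
    blocked = blocked_fields(payload)
    if blocked:
        # Rejecting rather than silently ignoring makes the attempt visible
        # in application logs and in the HTTP 400 returned to the client.
        raise ReadOnlyFieldError(f"read-only fields in request: {blocked}")
    data = asdict(user)
    data.update({k: v for k, v in payload.items() if k in WRITABLE_FIELDS})
    return User(**data)


# Constructed sample: a PATCH body that mixes an allowed change with an
# attempt to rewrite the account email.
SAMPLE_PATCH_BODY = {
    "display_name": "Alice",
    "email": "attacker-controlled@example.invalid",
}


def demo() -> dict:
    """Run both update paths on the same record and report the outcome."""
    current = User(id=1, email="alice@example.test", display_name="alice", is_active=True)
    before_fix = vulnerable_update(current, SAMPLE_PATCH_BODY)
    try:
        hardened_update(current, SAMPLE_PATCH_BODY)
        after_fix = "accepted"
    except ReadOnlyFieldError as exc:
        after_fix = f"rejected: {exc}"
    return {"before_fix_email": before_fix.email, "after_fix": after_fix}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The hardened path treats the presence of a read-only key as a client error instead of silently stripping it; silently ignoring is what many serializer frameworks do by default, and it is safe, but an explicit rejection is easier to alert on when reviewing access logs for profile-update requests that carry an email field.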

Remediation

Users should update to Plane version 0.23 or later, where this vulnerability has been fixed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.6
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.