Browse all 5 CVE security advisories affecting Rukovoditel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Rukovoditel serves as a project and task management system for organizations, facilitating workflow tracking and team collaboration. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues due to insufficient input validation and access control mechanisms. The application's five recorded CVEs highlight recurring problems in authentication and session management. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential for unauthorized system compromise and data breaches. Organizations implementing Rukovoditel should prioritize timely patching and harden configurations against common web attack vectors to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-31845 | Rukovoditel CRM 安全漏洞 — Rukovoditel CRMCWE-79 | 9.3 | Critical | 2026-04-11 |
| CVE-2023-53913 | Rukovoditel 3.3.1 CSV Injection via User Account Export — RukovoditelCWE-1236 | 8.8 | High | 2025-12-17 |
| CVE-2023-53898 | Rukovoditel 3.4.1 Multiple Stored Cross-Site Scripting via Configuration — RukovoditelCWE-79 | 5.4 | Medium | 2025-12-16 |
| CVE-2023-53897 | Rukovoditel 3.4.1 Multiple Stored Cross-Site Scripting via Comments — RukovoditelCWE-79 | 5.4 | Medium | 2025-12-16 |
| CVE-2020-13590 | Rukovoditel SQL注入漏洞 — Project Management AppCWE-89 | 8.8 | - | 2022-04-18 |
This page lists every published CVE security advisory associated with Rukovoditel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.