In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.
In Kanboard before 1.0.47, by altering form data, an authenticated user can add automatic actions to a private project of another user.