OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint ($skippermissions = true). It loads a record from the zzoauth2 table using the attacker-controlled GET parameter state, and during the OAuth2 configuration flow calls unserialize() on the access_token field without any class restriction. This issue has been patched in version 2.10.2.
{
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-502"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/29xxx/CVE-2026-29782.json"
}{
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.10.2"
}
],
"cpe": "cpe:2.3:a:devcode:openstamanager:*:*:*:*:*:*:*:*",
"source": [
"CPE_RANGE",
"REFERENCES"
]
}