Количество 3
Количество 3
CVE-2026-25565
WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access.
CVE-2026-25565
WeKan versions prior to 8.19 contain an authorization vulnerability wh ...
GHSA-7c8j-xhpq-ww8c
WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-25565 WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2026-25565 WeKan versions prior to 8.19 contain an authorization vulnerability wh ... | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-7c8j-xhpq-ww8c WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access. | CVSS3: 6.5 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу