Количество 3
Количество 3
CVE-2026-25566
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially enabling unauthorized cross-board moves.
CVE-2026-25566
WeKan versions prior to 8.19 contain an authorization vulnerability in ...
GHSA-62j7-j842-x6r6
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially enabling unauthorized cross-board moves.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-25566 WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially enabling unauthorized cross-board moves. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| CVE-2026-25566 WeKan versions prior to 8.19 contain an authorization vulnerability in ... | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
| GHSA-62j7-j842-x6r6 WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially enabling unauthorized cross-board moves. | CVSS3: 5.4 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу