Количество 3
Количество 3
CVE-2026-25563
WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers.
CVE-2026-25563
WeKan versions prior to 8.19 contain an insecure direct object referen ...
GHSA-x9cj-242h-gr3m
WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-25563 WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers. | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| CVE-2026-25563 WeKan versions prior to 8.19 contain an insecure direct object referen ... | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
| GHSA-x9cj-242h-gr3m WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers. | CVSS3: 7.5 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу