Vulmon
kanboard vulnerabilities and exploits
5.4
CVSSv3
CVE-2023-33968
Kanboard is open source project management software that focuses on the Kanban methodology. Versions before 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if ...
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-33969
Kanboard is open source project management software that focuses on the Kanban methodology. A stored cross-site scripting (XSS) vulnerability allows a malicious user to execute arbitrary JavaScript, and any user who views the task containing the malicious code will be exposed to the XSS attack...
Kanboard Kanboard
6.5
CVSSv3
CVE-2023-33970
Kanboard is open source project management software that focuses on the Kanban methodology. A vulnerability related to a `missing access control` was found, which allows a user with the lowest privileges to leak all task and project titles within the software, even if they ...
Kanboard Kanboard
8.8
CVSSv3
CVE-2023-36813
Kanboard is project management software that focuses on the Kanban methodology. In versions before 1.2.31, an authenticated user is able to perform a SQL injection, leading to a privilege escalation or loss of confidentiality. It appears that in some insert and update operations, the ...
Kanboard Kanboard
6.1
CVSSv3
CVE-2019-7324
app/Core/Paginator.php in Kanboard prior to 1.2.8 has XSS in pagination sorting.
Kanboard Kanboard
8.8
CVSSv3
CVE-2017-12850
An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects Kanboard prior to 1.0.46.
Kanboard Kanboard
8.8
CVSSv3
CVE-2017-12851
An authenticated standard user could reset the password of the admin by altering form data. Affects Kanboard prior to 1.0.46.
Kanboard Kanboard
5.4
CVSSv3
CVE-2023-32685
Kanboard is project management software that focuses on the Kanban methodology. Due to improper handling of elements under the `contentEditable` element, maliciously crafted clipboard content can inject arbitrary HTML tags into the DOM. A low-privileged attacker with permission t...
Kanboard Kanboard
4.8
CVSSv3
CVE-2024-22720
Kanboard 1.2.34 is vulnerable to HTML injection in the group management feature.
Kanboard Kanboard 1.2.34
4.3
CVSSv3
CVE-2019-1003020
A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and previous versions in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.
Jenkins Kanboard