CNNVD-202506-3194 Information
CNNVD ID
CNNVD-202506-3194
Related CVE
-
CNNVD Published: 2025-06-25
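Description (translated from Chinese)
Kanboard is open-source visual task board software from Kanboard. The software can customize boards according to business needs. Versions of Kanboard before 1.2.46 contain a security vulnerability: username enumeration and IP spoofing may lead to a bypass of the brute-force protection.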
Description (English)
Kanboard is open-source visual task board software from Kanboard. The software can customize boards according to business needs. Kanboard versions before 1.2.46 contain a security vulnerability in which username enumeration and IP spoofing can lead to a bypass of the brute-force protection.
Hazard Level
High
Vulnerability Type
Other
Affected Vendor
Kanova
Published
2025-06-25
Last Modified
2026-02-24
References
https://github.com/kanboard/kanboard/security/advisories/GHSA-qw57-7cx6-wvp7
https://github.com/kanboard/kanboard/commit/3079623640dc39f9c7b0c840d2a79095331051f1
https://github.com/kanboard/kanboard/blob/cbb7e60fb595ff4572bb8801b275a0b451c4bda0/app/Subscriber/AuthSubscriber.php#L96-L108
https://github.com/kanboard/kanboard/blob/cbb7e60fb595ff4572bb8801b275a0b451c4bda0/app/Model/UserLockingModel.php#L101-L104
https://nvd.nist.gov/vuln/detail/CVE-2025-52576
Patch
https://kanboard.org/releases.html