CNNVD-202508-1069 Information

CNNVD ID

CNNVD-202508-1069

CVE-2025-55010

  • CNNVD Published: 2025-08-12

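Description (translated from Chinese)

Kanboard is open-source visual task board software from Kanboard. Its boards can be customized to fit business needs. Versions of Kanboard before 1.2.47 contain a security vulnerability that stems from improper deserialization in ProjectEventActivityFormatter and may lead to remote code execution.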

Description (English)

Kanboard is open-source visual task board software from Kanboard. The software lets boards be customized according to business needs. Versions of Kanboard before 1.2.47 have a security vulnerability, which stems from improper deserialization in ProjectEventActivityFormatter and could lead to remote code execution.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

Kanboard

Published

2025-08-12

Last Modified

2026-02-24

References

https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57
https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r
https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f
https://nvd.nist.gov/vuln/detail/CVE-2025-55010

Patch

https://github.com/kanboard/kanboard/releases
