CNNVD-202601-1570 Information
CNNVD ID
CNNVD-202601-1570
Related CVE
- CNNVD Published: 2026-01-08
Description (Chinese)
Kanboard是Kanboard开源的一套开源的可视化任务板软件。该软件能够根据业务定制面板。 Kanboard 1.2.48及之前版本存在安全漏洞,该漏洞源于启用REVERSE_PROXY_AUTH时存在认证绕过,可能导致攻击者冒充任何用户。
Description (English)
Kanboard is an open-source, visualized taskboard software for Kanboard. The software is able to customize the panel according to business. There is a security loophole in the Kanboard 1.2.48 and previous versions, which stems from the presence of an authentication bypass when REVERSE PROXY AUTH was enabled, which could result in the attackers impersonating any user.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Kanboard
Published
2026-01-08
Last Modified
2026-02-24
References
https://github.com/kanboard/kanboard/commit/7af6143e2ad25b5c15549cca8af4341c7ac4e2fc https://github.com/kanboard/kanboard/releases/tag/v1.2.49 https://github.com/kanboard/kanboard/security/advisories/GHSA-wwpf-3j4p-739w
Patch
https://kanboard.org/releases.html
Share on: