CNNVD-202601-1572 Information

CNNVD ID

CNNVD-202601-1572

Related CVE

CVE-2026-21880

• CNNVD Published: 2026-01-08

Description (Chinese)

Kanboard是Kanboard开源的一套开源的可视化任务板软件。该软件能够根据业务定制面板。 Kanboard 1.2.48及之前版本存在安全漏洞，该漏洞源于LDAP认证机制存在LDAP注入，可能导致枚举所有LDAP用户。

Description (English)

Kanboard is an open-source, visualized taskboard software for Kanboard. The software is able to customize the panel according to business. There is a security gap in the Kanboard 1.2.48 and previous versions, which stems from the LDAP certification mechanism ’ s LDAP injection, which could lead to the listing of all LDAP users.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kanboard

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/kanboard/kanboard/commit/dd374079f7c2d1dab74c1680960e684ff8668586 https://github.com/kanboard/kanboard/releases/tag/v1.2.49 https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7

Patch

https://kanboard.org/releases.html