CNNVD-202601-846 Information

CNNVD ID

CNNVD-202601-846

Related CVE

CVE-2025-65922

• CNNVD Published: 2026-01-05

Description (Chinese)

Planka是Planka开源的一个使用 React 和 Redux 构建的类似 Trello 的看板。 Planka 2.0.0版本存在安全漏洞，该漏洞源于缺少X-Frame-Options和CSP frame-ancestors标头，可能导致钓鱼攻击。

Description (English)

Planka is a Trello-like panel built with React and Redux from Planka Open Source. Version 2.0.0 of Planka has a security loophole, which stems from the lack of X-Frame-Options and CSP flag-ancestores, which may lead to fishing attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Planka

Published

2026-01-05

Last Modified

2026-02-24

References

https://github.com/09OHs/CVE/blob/e67290bef68d35980d10fd87c9c4403d8e40fc2c/CVE-2025-65922/CVE-2025-65922.pdf https://github.com/plankanban/planka https://access.redhat.com/security/cve/cve-2025-65922