CNNVD-202602-1236 Information
CNNVD ID
CNNVD-202602-1236
Related CVE
- CNNVD Published: 2026-02-08
Description (Chinese)
WeKan是WeKan开源的一个看板应用程序。 WeKan 8.18及之前版本存在授权问题漏洞,该漏洞源于对组件Custom Translation Handler的文件client/components/settings/translationBody.js中函数setCreateTranslation操作不当,可能导致授权不当。
Description (English)
Wekan is a panel application from WeKan Open Source. Wekan 8.18 and previous versions have a mandate gap, which stems from the inappropriate operation of the setCreateTranslation function in the document clit/components/settlings/translationBody.js of the component Custodial Transport Handler, which may lead to improper authorization.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
WeKan
Published
2026-02-08
Last Modified
2026-02-24
References
https://github.com/wekan/wekan/ https://github.com/wekan/wekan/commit/f244a43771f6ebf40218b83b9f46dba6b940d7de https://vuldb.com/?id.344923 https://github.com/wekan/wekan/releases/tag/v8.19 https://vuldb.com/?ctiid.344923 https://vuldb.com/?submit.752269 https://access.redhat.com/security/cve/cve-2026-2209
Patch
https://github.com/wekan/wekan/releases
Share on: