CNNVD-202602-1239 Information
CNNVD ID
CNNVD-202602-1239
Related CVE
- CNNVD Published: 2026-02-08
Description (Chinese)
WeKan是WeKan开源的一个看板应用程序。 WeKan 8.20及之前版本存在访问控制错误漏洞,该漏洞源于对组件Administrative Repair Handler的文件server/methods/fixDuplicateLists.js操作不当,可能导致访问控制不当。
Description (English)
Wekan is a panel application from WeKan Open Source. Wekan 8.20 and previous versions have access control bugs, which stem from the inappropriate operation of documentserver/methods/fixDuplicateLists.js for component Administrative Repair Handler, which may lead to inappropriate access controls.
Hazard Level
High
Vulnerability Type
访问控制错误
Affected Vendor
WeKan
Published
2026-02-08
Last Modified
2026-02-24
References
https://github.com/wekan/wekan/ https://vuldb.com/?ctiid.344920 https://vuldb.com/?submit.752162 https://github.com/wekan/wekan/commit/4ce181d17249778094f73d21515f7f863f554743 https://github.com/wekan/wekan/releases/tag/v8.21 https://vuldb.com/?id.344920 https://access.redhat.com/security/cve/cve-2026-2206
Patch
https://github.com/wekan/wekan/releases
Share on: