CNNVD-202602-877 Information

CNNVD ID

CNNVD-202602-877

Related CVE

CVE-2026-1897

• CNNVD Published: 2026-02-05

Description (Chinese)

WeKan是WeKan开源的一个看板应用程序。 WeKan 8.20及之前版本存在安全漏洞，该漏洞源于对文件server/methods/positionHistory.js中未知功能的操作导致缺少授权。

Description (English)

Wekan is a panel application from WeKan Open Source. Wekan 8.20 and previous versions had a security loophole, resulting from the lack of authorization for the operation of unknown functions in document server/methods/positionHistory.js.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

WeKan

Published

2026-02-05

Last Modified

2026-02-24

References

https://github.com/wekan/wekan/ https://github.com/wekan/wekan/commit/55576ec17722db094835470b386162c9a662fb60 https://github.com/wekan/wekan/releases/tag/v8.21 https://vuldb.com/?ctiid.344269 https://vuldb.com/?id.344269 https://vuldb.com/?submit.742671

Patch

https://github.com/wekan/wekan/releases