CNNVD-202602-878 Information

CNNVD ID

CNNVD-202602-878

Related CVE

CVE-2026-1896

• CNNVD Published: 2026-02-05

Description (Chinese)

WeKan是WeKan开源的一个看板应用程序。 WeKan 8.20及之前版本存在访问控制错误漏洞，该漏洞源于对文件server/migrations/comprehensiveBoardMigration.js中参数的操作导致访问控制不当。

Description (English)

Wekan is a panel application from WeKan Open Source. Wekan 8.20 and previous versions have access control bugs, which stem from inappropriate access controls resulting from the operation of the parameters in the document server/migrations/comprehenceBoardMigration.js.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

WeKan

Published

2026-02-05

Last Modified

2026-02-24

References

https://github.com/wekan/wekan/ https://github.com/wekan/wekan/commit/cc35dafef57ef6e44a514a523f9a8d891e74ad8f https://github.com/wekan/wekan/releases/tag/v8.21 https://vuldb.com/?ctiid.344268 https://vuldb.com/?id.344268 https://vuldb.com/?submit.742670

Patch

https://github.com/wekan/wekan/releases