CVE-2023-31779 Information

May 23, 2023 cve

Description

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in \Reaction to comment\ feature.

Reference

https://github.com/wekan/wekan/blob/master/CHANGELOG.md https://github.com/wekan/wekan/commit/47ac33d6c234359c31d9b5eae49ed3e793907279

Share on: