RSS   Podatności dla 'Wekan'   RSS

2021-02-10
 
CVE-2021-20654

CWE-79
 

 
Wekan, open source kanban board system, between version 3.12 and 4.11, is vulnerable to multiple stored cross-site scripting. This is named 'Fieldbleed' in the vendor's site.

 
2021-01-26
 
CVE-2021-3309

CWE-295
 

 
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,

 
2018-06-26
 
CVE-2018-1000549

CWE-200
 

 
Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.

 


Copyright 2024, cxsecurity.com

 

Back to Top