Vulnerabilities > Kanboard > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-36399 | Authorization Bypass Through User-Controlled Key vulnerability in Kanboard Kanboard is project management software that focuses on the Kanban methodology. | 6.3 |
| 2024-01-24 | CVE-2024-22720 | Cross-site Scripting vulnerability in Kanboard 1.2.34 Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature. | 4.8 |
| 2023-06-05 | CVE-2023-33956 | Authorization Bypass Through User-Controlled Key vulnerability in Kanboard Kanboard is open source project management software that focuses on the Kanban methodology. | 6.5 |
| 2023-06-05 | CVE-2023-33968 | Missing Authorization vulnerability in Kanboard Kanboard is open source project management software that focuses on the Kanban methodology. | 5.4 |
| 2023-06-05 | CVE-2023-33969 | Cross-site Scripting vulnerability in Kanboard Kanboard is open source project management software that focuses on the Kanban methodology. | 5.4 |
| 2023-06-05 | CVE-2023-33970 | Missing Authorization vulnerability in Kanboard Kanboard is open source project management software that focuses on the Kanban methodology. | 6.5 |
| 2023-05-30 | CVE-2023-32685 | Cross-site Scripting vulnerability in Kanboard Kanboard is project management software that focuses on the Kanban methodology. | 5.4 |
| 2019-02-04 | CVE-2019-7324 | Cross-site Scripting vulnerability in Kanboard app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting. | 4.3 |
| 2017-10-11 | CVE-2017-15212 | Information Exposure vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can at least see the names of tags of a private project of another user. | 4.0 |
| 2017-10-11 | CVE-2017-15211 | Authorization Bypass Through User-Controlled Key vulnerability in Kanboard In Kanboard before 1.0.47, by altering form data, an authenticated user can add an external link to a private project of another user. | 4.0 |