Vulnerabilities > Wekan Project > Wekan > 5.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-26 | CVE-2023-28485 | Cross-site Scripting vulnerability in Wekan Project Wekan A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. | 5.4 |
| 2023-05-22 | CVE-2023-31779 | Cross-site Scripting vulnerability in Wekan Project Wekan Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). | 5.4 |