CVE-2026-33058
Kanboard has Authenticated SQL Injection in Project Permissions Handler
Kanboard is project management software focused on Kanban methodology. Versions prior to 1.2.51 have an authenticated SQL injection vulnerability. Attackers with the permission to add users to a project can leverage this vulnerability to dump the entirety of the kanboard database. Version 1.2.51 fixes the issue.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Productos afectados
kanboard · kanboard¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →