CVE-2026-33058
Kanboard has Authenticated SQL Injection in Project Permissions Handler
Kanboard is project management software focused on Kanban methodology. Versions prior to 1.2.51 have an authenticated SQL injection vulnerability. Attackers with the permission to add users to a project can leverage this vulnerability to dump the entirety of the kanboard database. Version 1.2.51 fixes the issue.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Produtos afetados
kanboard · kanboardQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →