Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-22T00:00:00
Updated: 2024-08-02T14:56:35.602Z
Reserved: 2023-04-29T00:00:00
Link: CVE-2023-31779
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-05-22T13:15:09.913
Modified: 2024-11-21T08:02:15.617
Link: CVE-2023-31779
Redhat
No data.