Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-05-22T00:00:00

Updated: 2024-08-02T14:56:35.602Z

Reserved: 2023-04-29T00:00:00

Link: CVE-2023-31779

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-05-22T13:15:09.913

Modified: 2024-11-21T08:02:15.617

Link: CVE-2023-31779

cve-icon Redhat

No data.