EPSS
Percentile
29.6%
Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in βReaction to commentβ feature.
github.com/wekan/wekan/blob/master/CHANGELOG.md
github.com/wekan/wekan/commit/47ac33d6c234359c31d9b5eae49ed3e793907279