CVE-2023-33969
CVE-2023-33969 affects Kanboard. It's a stored XSS in the Task External Link functionality (stored script executed when viewing a task). Impact: arbitrary JavaScript execution for users who view the malicious task; default CSP blocks this attack. The issue is addressed in version 1.2.30; upgrade ...