2 matches found
CVE-2025-65922
PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...
PT-2026-1317
Name of the Vulnerable Software and Affected Versions PLANKA version 2.0.0 Description The application does not implement X-Frame-Options and CSP frame-ancestors headers, which allows it to be embedded within malicious iframes. This can expose users to phishing attacks through UI Redressing,...