5 matches found
CVE-2026-1964
CVE-2026-1964 affects WeKan up to version 8.20, in the REST Endpoint’s models/boards.js, causing improper access controls. The vulnerability enables remote exploitation as described across multiple sources, with upgrade to 8.21 and official patch 545566f5663545d16174e0f2399f231aa693ab6e recommend...
PT-2026-6076
Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A flaw exists in WeKan related to missing authorization within the Position-History Tracking component, specifically in the file server/methods/positionHistory.js. This issue allows for remote...
CVE-2026-1896
A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...
CVE-2026-1896 WeKan Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration MigrationBleed access control
A vulnerability has been found in WeKan up to 8.20. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper acce...
CVE-2021-22731
Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM and MCSESP V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker...