WeKan 代码问题漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions 8.32 and 8.33 of WeKan have code vulnerabilities. These vulnerabilities stem from server-side request forgery, which may lead to arbitrary HTTP requests and access to internal network services...

EUVD-2026-5711

WeKan versions prior to 8.19 contain an authorization weakness in the attachment upload API. The API does not fully validate that provided identifiers such as boardId, cardId, swimlaneId, and listId are consistent and refer to a coherent card/board relationship, enabling attempts to upload...

EUVD-2026-5709

WeKan versions prior to 8.19 contain an insecure direct object reference IDOR in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers...

WeKan 安全漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained security vulnerabilities. These vulnerabilities were caused by operations on unknown functions in the file server/methods/positionHistory.js, resulting in a lack of authorization...