
Vulnerability

CVE-2023-33969

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-33969

Description:
Kanboard is open source project management software that focuses on the Kanban methodology. A stored cross-site scripting (XSS) vulnerability allows an attacker to execute arbitrary JavaScript, and any user who views the task containing the malicious code will be exposed to the XSS attack. Note: The default CSP header configuration blocks this JavaScript attack. This issue has been addressed in version 1.2.30. Users are advised to upgrade. Users unable to upgrade should ensure that they have a restrictive CSP header configuration.
Last updated date:
06/12/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
06/12/2023
Reference URL to background:

https://github.com/kanboard/kanboard/security/advisories/GHSA-8qvf-9847-gpc9
