logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-54001

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-54001

Description:
Kanboard is project management software that focuses on the Kanban methodology. HTML can be injected and stored into the application settings section. The fields application_language, application_date_format,application_timezone and application_time_format allow arbirary user input which is reflected. The vulnerability can become xss if the user input is javascript code that bypass CSP. This vulnerability is fixed in 1.2.41.
Last updated date:
03/10/2025
Type:
exploit
Confidence:
HIGH
Date of publishing:
03/10/2025
Reference url to background

https://github.com/kanboard/kanboard/security/advisories/GHSA-4vvp-jf72-chrj

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2025

Privacy Policy