kanboard vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the kanboard package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	<1.2.51+ds-1
M SQL Injection	<1.2.51+ds-1
H Incorrect Authorization	<1.2.50+ds-1
L Authorization Bypass Through User-Controlled Key	<1.2.50+ds-1
L Missing Authorization	<1.2.50+ds-1
H Cross-site Request Forgery (CSRF)	<1.2.50+ds-1
L Improper Authentication	<1.2.49+ds-1
M Open Redirect	<1.2.49+ds-1
M LDAP Injection	<1.2.49+ds-1
M Missing Authorization	<1.2.26+ds-4
H Directory Traversal	<1.2.44+ds-1
H Directory Traversal	<1.2.44+ds-1
H SQL Injection	<1.2.31+ds-1
M Insufficient Session Expiration	<1.2.44+ds-1
M Cross-site Scripting (XSS)	<1.2.26+ds-3
M Authorization Bypass Through User-Controlled Key	<1.2.44+ds-1
H Weak Password Recovery Mechanism for Forgotten Password	<1.2.47+ds-1
H Deserialization of Untrusted Data	<1.2.47+ds-1
M Authorization Bypass Through User-Controlled Key	<1.2.26+ds-4
M Directory Traversal	<1.2.47+ds-1
M Cross-site Scripting (XSS)	<1.2.26+ds-4
M Cross-site Scripting (XSS)	<1.2.44+ds-1
M CVE-2025-52576	<1.2.47+ds-1
M Cross-site Scripting (XSS)	<1.2.44+ds-1
M Cross-site Scripting (XSS)	<1.2.47+ds-1
M Missing Authorization	<1.2.26+ds-4