CVE-2026-1896 | WeKan up to 8.20 Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration boardId MigrationBleed access control

A vulnerability was found in WeKan up to 8.20. It has been rated as critical. Affected by this vulnerability is the function ComprehensiveBoardMigration of the file server/migrations/comprehensiveBoardMigration.js of the component Migration Operation Handler. The manipulation of the argument boardId leads to improper access controls.

This vulnerability is uniquely identified as CVE-2026-1896. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2026-1896 | WeKan up to 8.20 Migration Operation comprehensiveBoardMigration.js ComprehensiveBoardMigration boardId MigrationBleed access control

Post correlati

CVE-2024-1889 | SMA Cluster Controller 01.05.01.R cross-site request forgery

CVE-2023-6305 | SourceCodester Free and Open Source Inventory Management System 1.0 suppliar_data.php columns sql injection

CVE-2024-5619 | PruvaSoft Informatics Apinizer Management Console prior 2024.05.1 authorization

CVE-2024-41659 | usememos up to 0.20.1 cross-domain policy (GHSL-2024-034)