CVE-2025-46825 | Kanboard up to 1.2.44 Name cross site scripting (GHSA-5wj3-c9v4-pj9v)

Inserito da Angelo Barbosa | Mag 13, 2025 | CVE

A vulnerability was found in Kanboard up to 1.2.44. It has been classified as problematic. This affects an unknown part of the file /?controller=ProjectCreationController&action=create. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-46825. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-46825 | Kanboard up to 1.2.44 Name cross site scripting (GHSA-5wj3-c9v4-pj9v)

Post correlati

CVE-2024-53781 | Home Junction SpatialMatch IDX Plugin up to 3.0.9 on WordPress cross-site request forgery

CVE-2024-27122 | QNAP Notes Station 3 up to 3.9.5 cross site scripting (qsa-24-21)

CVE-2023-6582 | ElementsKit Lite Plugin up to 3.0.3 on WordPress information disclosure

CVE-2024-28118 | grav up to 1.7.44 Twig Extension Class code injection