PT-2023-24608 · Kanboard · Kanboard

Castilho101 · Published 2023-06-05 · Updated 2026-02-13 · CVE-2023-33968

CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions
Kanboard versions prior to 1.2.30

Description
Kanboard is project management software based on the Kanban methodology. A missing access control allows a user with limited privileges to create tasks in, or move tasks to, any project, even projects they have not been invited to or that are personal projects. The issue affects the Duplicate to project and Move to project features, which use the checkDestinationProjectValues() function.

Recommendations
Upgrade to version 1.2.30 or later.
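
The check that the description says is missing, sketched as an added example that is not Kanboard's code: the class, method names and data shapes are hypothetical, and only the rule (the destination project must be one the acting user is a member of) comes from the description above.

```php
<?php
declare(strict_types=1);

// Hypothetical model, not Kanboard's code: project id => member user ids.
// Constructed sample data: project 3 is bob's personal project.
const PROJECT_MEMBERS = [
    1 => [10, 11],   // shared project: alice (10) and bob (11)
    2 => [10],       // project alice was invited to
    3 => [11],       // bob's personal project
];

final class TaskTransferGuard
{
    /** @param array<int, int[]> $members */
    public function __construct(private array $members) {}

    // Vulnerable shape: validates only that a destination id was supplied.
    public function checkDestinationUnsafe(array $values): bool
    {
        return isset($values['project_id']) && (int) $values['project_id'] > 0;
    }

    // Hardened shape: the destination must exist AND the acting user,
    // taken from the session rather than the form, must be a member of it.
    public function checkDestination(int $userId, array $values): bool
    {
        $projectId = filter_var($values['project_id'] ?? null, FILTER_VALIDATE_INT);
        if ($projectId === false || !isset($this->members[$projectId])) {
            return false;
        }
        return in_array($userId, $this->members[$projectId], true);
    }
}

$guard   = new TaskTransferGuard(PROJECT_MEMBERS);
$request = ['project_id' => '3'];   // constructed form values naming project 3

// Same request through the unchecked path, then the checked path for
// alice (10, not a member of project 3) and bob (11, a member).
var_dump($guard->checkDestinationUnsafe($request));
var_dump($guard->checkDestination(10, $request));
var_dump($guard->checkDestination(11, $request));
```

Both Duplicate to project and Move to project would call the same hardened check, so a single server-side membership test covers both features.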

Weakness Enumeration

Missing Authorization

Related Identifiers

CVE-2023-33968
GHSA-GF8R-4P6M-V8VR

Affected Products

Kanboard