PT-2026-6944 · Wekan · Wekan
Megamansec
·
Publicado
2026-02-08
·
Atualizado
2026-02-08
·
CVE-2026-2205
CVSS v3.1
4.3
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Wekan versions up to 8.20
Description
A flaw exists in Wekan that could allow information disclosure. This issue impacts an unspecified part of the
server/publications/cards.js file within the Meteor Publication Handler component. The attack can be initiated remotely.Recommendations
Upgrade to version 8.21 to resolve this issue.
Correção
Improper Access Control
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wekan