PT-2026-6946 · Wekan · Wekan
Megamansec
·
Publicado
2026-02-08
·
Atualizado
2026-02-08
·
CVE-2026-2207
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
WeKan versions prior to 8.21
Description
A weakness exists in WeKan related to the Activity Publication Handler component, specifically in the processing of the file
server/publications/activities.js. A manipulation of this component can lead to information disclosure and can be launched remotely.Recommendations
Upgrade to version 8.21 to address the issue.
Correção
Improper Access Control
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wekan