PT-2024-26969 · Kanboard

Orilcious · Published 2024-06-06 · Updated 2024-09-24 · CVE-2024-36399

CVSS v3.1: 8.2 (High)
Vector: AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.37
Description: Kanboard, a Kanban-style project management application, contains a vulnerability in the addUser() function of ProjectPermissionController.php. The user's permission to add members to a project is checked only against the project id passed as a URL parameter. If the user is authorized for that project, the request is processed without re-checking the permission for the project id supplied in the POST body, so the authorized id and the id actually modified can differ. This allows an attacker holding 'Project Manager' privileges on a single project to potentially take over any other project.
Recommendations: For versions prior to 1.2.37, upgrade to version 1.2.37, which fixes the vulnerability. As a temporary workaround, consider restricting access to the addUser() function in ProjectPermissionController.php until the update is applied. Additionally, ensure that 'Project Manager' privileges are granted carefully to minimize the risk of exploitation.
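The defect described above, as an added illustration that is not Kanboard's code: a minimal model of the authorization check with the POST-body id left unchecked, beside the corrected pattern in which the id that is modified must be the id that was authorized. The Project, Store, add_user_vulnerable and add_user_fixed names, the role strings and the sample data are all constructed for this example.

```python
from dataclasses import dataclass, field

class Forbidden(Exception):
    """Raised when the acting user lacks the required project role."""

@dataclass
class Project:
    # user name -> role within this project (constructed sample data)
    members: dict = field(default_factory=dict)

@dataclass
class Store:
    projects: dict = field(default_factory=dict)

    def is_manager(self, user, project_id):
        return self.projects[project_id].members.get(user) == "project-manager"

def add_user_vulnerable(store, actor, url_project_id, post):
    """Defective pattern: authorize on the URL id, then act on the POST-body id."""
    if not store.is_manager(actor, url_project_id):
        raise Forbidden(f"{actor} is not a manager of project {url_project_id}")
    target = post["project_id"]          # never re-checked against the actor
    store.projects[target].members[post["user"]] = post["role"]
    return target

def add_user_fixed(store, actor, url_project_id, post):
    """Corrected pattern: the id that is modified is the id that was authorized."""
    target = post["project_id"]
    if target != url_project_id or not store.is_manager(actor, target):
        raise Forbidden(f"{actor} may not add users to project {target}")
    store.projects[target].members[post["user"]] = post["role"]
    return target

def sample_store():
    # alice manages project 1 only; bob manages project 2 only
    return Store({1: Project({"alice": "project-manager"}),
                  2: Project({"bob": "project-manager"})})

def demo():
    """Returns (escalated_in_vulnerable, blocked_in_fixed)."""
    request = {"project_id": 2, "user": "alice", "role": "project-manager"}
    vuln = sample_store()
    add_user_vulnerable(vuln, "alice", 1, request)   # URL says 1, body says 2
    escalated = vuln.is_manager("alice", 2)
    fixed = sample_store()
    try:
        add_user_fixed(fixed, "alice", 1, request)
        blocked = False
    except Forbidden:
        blocked = True
    return escalated, blocked and not fixed.is_manager("alice", 2)

if __name__ == "__main__":
    print(demo())  # (True, True)
```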

Improper Access Control

IDOR

Improper Authorization

Weakness Enumeration

Related Identifiers: CVE-2024-36399, GHSA-X8V7-3GHX-65CV

Affected Products: Debian, Kanboard