PT-2025-51221 · Wekan · Wekan

Siam Thanat Hack +1

Published: 2025-12-15 · Updated: 2025-12-15 · CVE-2025-65782

CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: Wekan versions prior to 18.16

Description: An authorization flaw exists in the card update handling process. This flaw allows board members, and potentially other authenticated users, to manipulate user IDs within the vote.positive and vote.negative arrays. This manipulation enables vote forgery and unauthorized voting. The affected system is an open-source kanban board.

Recommendations: Update to version 18.16 or later.
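
An added example, not Wekan's own code or its actual fix: a server-side guard for the flaw described above that lets a caller add or remove only their own user ID in vote.positive and vote.negative. The function name isVoteUpdateAllowed and the MongoDB-style update modifier shape are assumptions.

```javascript
// Added example: hypothetical server-side guard, not Wekan's actual code.
// Assumes card updates arrive as MongoDB-style modifiers, e.g.
// { $addToSet: { 'vote.positive': '<userId>' } }.
const VOTE_FIELDS = ['vote.positive', 'vote.negative'];
const SELF_ONLY_OPS = ['$addToSet', '$pull']; // operators that add/remove one ID

// True for the vote object itself, either vote array, or any path below them.
function touchesVote(field) {
  return field === 'vote' || VOTE_FIELDS.some(
    (f) => field === f || field.startsWith(f + '.'));
}

// Returns true only if every change to the vote arrays adds or removes
// the caller's own user ID. Non-vote fields are left to other checks.
function isVoteUpdateAllowed(callerId, modifier) {
  if (typeof callerId !== 'string' || callerId.length === 0) return false;
  for (const [op, fields] of Object.entries(modifier || {})) {
    // A replacement document (no $operator) would overwrite the vote arrays.
    if (!op.startsWith('$')) return false;
    if (fields === null || typeof fields !== 'object') return false;
    for (const [field, value] of Object.entries(fields)) {
      if (!touchesVote(field)) continue;
      // Whole-array writes ($set, $push, $unset, ...) and positional paths
      // such as 'vote.positive.0' can change other users' entries.
      if (!SELF_ONLY_OPS.includes(op) || !VOTE_FIELDS.includes(field)) return false;
      // The value must be the bare caller ID; $each / $in objects are rejected.
      if (value !== callerId) return false;
    }
  }
  return true;
}
```

The guard takes the caller's ID from the authenticated session, never from the request body, and runs before the update reaches the database.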

Fix

Improper Authorization

Weakness Enumeration

Related Identifiers: CVE-2025-65782

Affected Products: Wekan