CVE-2026-21879

Name of the Vulnerable Software and Affected Versions Kanboard versions 1.2.48 and below

Description Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are susceptible to an Open Redirect issue, allowing attackers to redirect authenticated users to malicious websites. Attackers can bypass the filter var($url, FILTER VALIDATE URL) validation check by crafting URLs such as //evil.com. This could be used to conduct phishing attacks, steal user credentials, or distribute malware.

Recommendations Update Kanboard to version 1.2.49 or later.