Source: kanboard
X-Debbugs-CC: [email protected]
Severity: grave
Tags: security

Hi,

The following vulnerabilities were published for kanboard.

CVE-2026-21879[0]:
| Kanboard is project management software focused on Kanban
| methodology. Versions 1.2.48 and below are vulnerable to an Open
| Redirect attack that allows malicious actors to redirect
| authenticated users to attacker-controlled websites. By crafting
| URLs such as //evil.com, attackers can bypass the filter_var($url,
| FILTER_VALIDATE_URL) validation check. This vulnerability could be
| exploited to conduct phishing attacks, steal user credentials, or
| distribute malware. The issue is fixed in version 1.2.49.

https://github.com/kanboard/kanboard/security/advisories/GHSA-mhv9-7m9w-7hcq
https://github.com/kanboard/kanboard/commit/93bcae03301a6d34185a8dba977417e6b3de519f (v1.2.49)

CVE-2026-21880[1]:
| Kanboard is project management software focused on Kanban
| methodology. Versions 1.2.48 and below have an LDAP Injection
| vulnerability in the LDAP authentication mechanism. User-supplied
| input is directly substituted into LDAP search filters without
| proper sanitization, allowing attackers to enumerate all LDAP users,
| discover sensitive user attributes, and perform targeted attacks
| against specific accounts. This issue is fixed in version 1.2.49.

https://github.com/kanboard/kanboard/security/advisories/GHSA-v66r-m28r-wmq7
https://github.com/kanboard/kanboard/commit/dd374079f7c2d1dab74c1680960e684ff8668586 (v1.2.49)

CVE-2026-21881[2]:
| Kanboard is project management software focused on Kanban
| methodology. Versions 1.2.48 and below are vulnerable to a critical
| authentication bypass when REVERSE_PROXY_AUTH is enabled. The
| application blindly trusts HTTP headers for user authentication
| without verifying the request originated from a trusted reverse
| proxy. An attacker can impersonate any user, including
| administrators, by simply sending a spoofed HTTP header. This issue
| is fixed in version 1.2.49.

https://github.com/kanboard/kanboard/security/advisories/GHSA-wwpf-3j4p-739w
https://github.com/kanboard/kanboard/commit/7af6143e2ad25b5c15549cca8af4341c7ac4e2fc (v1.2.49)

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-21879
    https://www.cve.org/CVERecord?id=CVE-2026-21879
[1] https://security-tracker.debian.org/tracker/CVE-2026-21880
    https://www.cve.org/CVERecord?id=CVE-2026-21880
[2] https://security-tracker.debian.org/tracker/CVE-2026-21881
    https://www.cve.org/CVERecord?id=CVE-2026-21881

Please adjust the affected versions in the BTS as needed.
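The open-redirect entry above (CVE-2026-21879) turns on a property of PHP's FILTER_VALIDATE_URL: it only recognises strings that carry a scheme, so a scheme-relative reference such as //evil.com is not a "URL" to the filter yet a browser resolves it against the current scheme and lands on another host. The following is an added example (not Kanboard's code, and not the upstream fix) of the allowlist-style check a defender wants instead: accept only a same-origin, path-only target and reject every spelling a browser could resolve elsewhere. Function names and the sample inputs are constructed for this illustration.

```python
import re
from urllib.parse import urlsplit

# Any ASCII control character or whitespace: browsers strip tabs and
# newlines from URLs, so "/\t/evil.example" would resolve as "//evil.example".
_CONTROL_OR_SPACE = re.compile(r"[\x00-\x20\x7f]")


def is_safe_redirect_target(target: str) -> bool:
    """Return True only for a same-origin, path-only redirect target.

    Accepts "/path?query#frag"; rejects anything a browser could resolve
    to a different origin: absolute URLs with a scheme, scheme-relative
    references ("//host"), backslash variants ("/\\host") and strings
    containing control characters.
    """
    if not target or _CONTROL_OR_SPACE.search(target):
        return False
    # Browsers treat any run of slashes or backslashes after the first "/"
    # as the start of an authority, so require exactly one leading "/"
    # followed by something that is neither "/" nor "\".
    if not target.startswith("/") or target[1:2] in ("/", "\\"):
        return False
    if "\\" in target:
        return False
    parts = urlsplit(target)
    # Belt and braces: the parser must agree there is no scheme or host.
    return parts.scheme == "" and parts.netloc == ""


def safe_redirect(target: str, fallback: str = "/") -> str:
    """Return the target if it is safe to redirect to, else the fallback."""
    return target if is_safe_redirect_target(target) else fallback


if __name__ == "__main__":
    # Constructed sample inputs for demonstration.
    samples = [
        "/board/1",               # plain same-origin path: allowed
        "/login?redirect=/x",     # query string: allowed
        "//evil.example",         # scheme-relative, the advisory's case: blocked
        "///evil.example",        # extra slashes: blocked
        "/\\evil.example",        # backslash variant: blocked
        "https://evil.example/",  # absolute URL: blocked
        "/\t/evil.example",       # tab stripped by browsers: blocked
        "javascript:alert(1)",    # no leading slash: blocked
    ]
    for s in samples:
        print(f"{s!r:28} -> {safe_redirect(s)!r}")
```

If an application legitimately needs to redirect to other hosts, extend the check with an explicit host allowlist compared against `urlsplit(target).hostname`, never with a denylist of known-bad strings.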

