Vulnerabilities (CVE)

Filtered by vendor Wekan Project Subscribe

Filtered by product Wekan

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-20654	1 Wekan Project	1 Wekan	2021-02-16	3.5 LOW	5.4 MEDIUM
Wekan, open source kanban board system, between version 3.12 and 4.11, is vulnerable to multiple stored cross-site scripting. This is named 'Fieldbleed' in the vendor's site.
CVE-2018-1000549	1 Wekan Project	1 Wekan	2020-08-03	5.0 MEDIUM	5.3 MEDIUM
Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.