Kanboard: >> Kanboard >> 1.0.4 Security Vulnerabilities
An authenticated standard user could reset the password of other users (including the admin) by altering form data. Affects kanboard before 1.0.46.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-14
An authenticated standard user could reset the password of the admin by altering form data. Affects kanboard before 1.0.46.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-08-14
Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save action to the default URI.
CVSS Score
6.8
EPSS Score
0.001
Published
2014-07-03
Page 5