Lauri Ojansivu

32 exploits, active since May 2023
CVE-2026-25563 HIGH WRITEUP
WeKan < 8.19 - Authorization Bypass via Checklist Creation IDOR
WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers.
CVSS 7.5
CVE-2026-25564 HIGH WRITEUP
WeKan < 8.19 - Insecure Direct Object Reference via Checklist Card-Board Relationship Tampering
WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in checklist creation and related checklist routes. The implementation does not verify that the supplied cardId belongs to the supplied boardId, allowing cross-board ID tampering by manipulating identifiers.
CVSS 7.5
CVE-2026-25565 MEDIUM WRITEUP
WeKan < 8.19 - Incorrect Authorization in Card Update API
WeKan versions prior to 8.19 contain an authorization vulnerability where certain card update API paths validate only board read access rather than requiring write permission. This can allow users with read-only roles to perform card updates that should require write access.
CVSS 6.5
CVE-2026-25566 MEDIUM WRITEUP
WeKan < 8.19 - Incorrect Authorization in Card Move Logic
WeKan versions prior to 8.19 contain an authorization vulnerability in card move logic. A user can specify a destination board/list/swimlane without adequate authorization checks for the destination and without validating that destination objects belong to the destination board, potentially enabling unauthorized cross-board moves.
CVSS 5.4
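The four entries above (CVE-2026-25563, -25564, -25565 and -25566) share two root causes: an object named in the request is never checked against the board the permission check was made on, and a read check is used where a write is performed. The block below is an added example, not WeKan's code: an in-memory model of boards, lists, swimlanes and cards with a deliberately vulnerable handler beside a hardened one for each of those two cases. Every name in it (assertWriteAccess, requireOnBoard, createChecklist, moveCard, the roles 'normal' and 'comment-only') is an assumption made for the illustration.

```javascript
// Added example, not code from WeKan. All names and roles here are assumptions.
class AuthzError extends Error {}

// Constructed sample data: alice can write on board A, bob is comment-only on A,
// carol can write on B. Nobody is a member of both boards.
const db = {
  boards: { A: { members: { alice: 'normal', bob: 'comment-only' } },
            B: { members: { carol: 'normal' } } },
  lists: { l1: { boardId: 'A' }, l2: { boardId: 'B' } },
  swimlanes: { s1: { boardId: 'A' }, s2: { boardId: 'B' } },
  cards: { c1: { boardId: 'A', listId: 'l1', swimlaneId: 's1', title: 'on A' },
           c2: { boardId: 'B', listId: 'l2', swimlaneId: 's2', title: 'on B' } },
  checklists: [],
};

function role(userId, boardId) {
  const board = db.boards[boardId];
  return board ? board.members[userId] : undefined;
}
function canRead(userId, boardId) { return role(userId, boardId) !== undefined; }
function canWrite(userId, boardId) { return role(userId, boardId) === 'normal'; }
function assertWriteAccess(userId, boardId) {
  if (!canWrite(userId, boardId)) throw new AuthzError(`no write access to board ${boardId}`);
}

// Fetch an object and require that it belongs to the board the permission
// check was made against. This is the relationship check the IDORs lack.
function requireOnBoard(collection, id, boardId) {
  const obj = db[collection][id];
  if (!obj || obj.boardId !== boardId) {
    throw new AuthzError(`${collection}/${id} is not on board ${boardId}`);
  }
  return obj;
}

// VULNERABLE: authorises the caller against boardId, then trusts cardId, so a
// member of A attaches a checklist to a card on B by sending boardId=A.
function createChecklistVulnerable(userId, { boardId, cardId, title }) {
  assertWriteAccess(userId, boardId);
  db.checklists.push({ cardId, title });
  return true;
}
// HARDENED: the card must be on the board that authorised the caller.
function createChecklist(userId, { boardId, cardId, title }) {
  assertWriteAccess(userId, boardId);
  requireOnBoard('cards', cardId, boardId);
  db.checklists.push({ cardId, title });
  return true;
}

// VULNERABLE: a read check guards a write.
function updateCardTitleVulnerable(userId, cardId, title) {
  const card = db.cards[cardId];
  if (!card || !canRead(userId, card.boardId)) throw new AuthzError('no read access');
  card.title = title;
  return true;
}
// HARDENED: any mutation requires write access on the card's own board.
function updateCardTitle(userId, cardId, title) {
  const card = db.cards[cardId];
  if (!card) throw new AuthzError('no such card');
  assertWriteAccess(userId, card.boardId);
  card.title = title;
  return true;
}

// VULNERABLE: only the source board is checked; destination board, list and
// swimlane are taken from the request as given.
function moveCardVulnerable(userId, cardId, { boardId, listId, swimlaneId }) {
  const card = db.cards[cardId];
  if (!card) throw new AuthzError('no such card');
  assertWriteAccess(userId, card.boardId);
  Object.assign(card, { boardId, listId, swimlaneId });
  return true;
}
// HARDENED: write access on source and destination, and the destination list
// and swimlane must belong to the destination board.
function moveCard(userId, cardId, { boardId, listId, swimlaneId }) {
  const card = db.cards[cardId];
  if (!card) throw new AuthzError('no such card');
  assertWriteAccess(userId, card.boardId);
  assertWriteAccess(userId, boardId);
  requireOnBoard('lists', listId, boardId);
  requireOnBoard('swimlanes', swimlaneId, boardId);
  Object.assign(card, { boardId, listId, swimlaneId });
  return true;
}

// True when fn() is refused by an authorisation check.
function denied(fn) {
  try { fn(); return false; } catch (e) { if (e instanceof AuthzError) return true; throw e; }
}
```

The pattern to take away is that every identifier in a request that names a child object (card, list, swimlane, checklist) is resolved on the server and compared against the board that the membership check ran on, and that the check is for the permission the operation actually needs. When reviewing a handler, look for a permission check on one identifier followed by an unchecked use of a different one.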
CVE-2026-25567 MEDIUM WRITEUP
WeKan < 8.19 - Authenticated Comment Author Spoofing via authorId Parameter
WeKan versions prior to 8.19 contain an insecure direct object reference (IDOR) in the card comment creation API. The endpoint accepts an authorId from the request body, allowing an authenticated user to spoof the recorded comment author by supplying another user's identifier.
CVSS 4.3
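The fix for this class of bug is to never take identity fields from the request body. Below is an added example, not WeKan's code, showing a comment handler that records a client-supplied authorId beside one that copies only the fields a client may choose and takes authorship from the authenticated session. The session object, pickClientFields, SERVER_OWNED and auditLog are assumptions made for the illustration.

```javascript
// Added example, not code from WeKan. Names are assumptions.
class AuthzError extends Error {}

// Fields no client may set on any record; the server derives them. Keeping
// them in one list means a new endpoint cannot forget one of them.
const SERVER_OWNED = new Set(['authorId', 'userId', 'createdAt', 'modifiedAt']);

const comments = [];
const auditLog = [];

// Copy only the allowed fields out of a request body. Also report any
// server-owned field the client tried to set: a legitimate client never does,
// so that is a useful detection signal.
function pickClientFields(body, allowed) {
  const clean = {};
  const rejected = [];
  for (const key of Object.keys(body)) {
    if (allowed.includes(key)) clean[key] = body[key];
    else if (SERVER_OWNED.has(key)) rejected.push(key);
  }
  return { clean, rejected };
}

// VULNERABLE: authorId comes from the body, so any logged-in user can make a
// comment appear to be written by someone else.
function createCommentVulnerable(session, body) {
  if (!session.userId) throw new AuthzError('login required');
  const comment = { cardId: body.cardId, text: body.text, authorId: body.authorId || session.userId };
  comments.push(comment);
  return comment;
}

// HARDENED: authorship is the authenticated identity and nothing else.
function createComment(session, body) {
  if (!session.userId) throw new AuthzError('login required');
  const { clean, rejected } = pickClientFields(body, ['cardId', 'text']);
  if (typeof clean.text !== 'string' || typeof clean.cardId !== 'string') {
    throw new Error('bad request');
  }
  if (rejected.length) auditLog.push({ userId: session.userId, rejected });
  const comment = { ...clean, authorId: session.userId };
  comments.push(comment);
  return comment;
}

// Constructed request: user "mallory" tries to post as "admin".
const spoofAttempt = { cardId: 'c1', text: 'approved, ship it', authorId: 'admin' };

function denied(fn) {
  try { fn(); return false; } catch (e) { if (e instanceof AuthzError) return true; throw e; }
}
```

The same rule applies to the edit path: an update handler that merges the whole body into the stored record reintroduces the bug even when creation is fixed, so the allowlist should be used wherever client data reaches a document.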
CVE-2026-25568 MEDIUM WRITEUP
WeKan < 8.19 - Incorrect Authorization via allowPrivateOnly Setting Bypass
WeKan versions prior to 8.19 contain an authorization logic vulnerability where the instance configuration setting allowPrivateOnly is not sufficiently enforced at board creation time. When allowPrivateOnly is enabled, users can still create public boards due to incomplete server-side enforcement.
CVSS 4.3
CVE-2026-25859 HIGH WRITEUP
Wekan < 8.20 - Incorrect Authorization in Migration Functionality
Wekan versions prior to 8.20 allow non-administrative users to access migration functionality due to insufficient permission checks, potentially resulting in unauthorized migration operations.
CVSS 8.8
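CVE-2026-25568 (allowPrivateOnly not enforced server-side) and CVE-2026-25859 (migration callable by non-admins) are both missing server-side policy gates. The block below is an added example, not WeKan's code: the instance setting is consulted on the server at request time on every path that can set a board's visibility, and the migration entry point checks the caller's admin flag before any side effect. The settings shape, user records and all function names are assumptions made for the illustration.

```javascript
// Added example, not code from WeKan. Names and data shapes are assumptions.
class AuthzError extends Error {}

// Constructed instance state.
const settings = { allowPrivateOnly: true };
const users = { root: { isAdmin: true }, dave: { isAdmin: false } };
const boards = {};
const migrationsRun = [];
let nextId = 1;

// VULNERABLE: relies on the UI having hidden the "public" option; a direct API
// call sends permission: 'public' regardless of the setting.
function createBoardVulnerable(userId, { title, permission }) {
  const id = `b${nextId++}`;
  boards[id] = { id, title, permission, owner: userId };
  return boards[id];
}

// Single place where the instance policy is applied.
function enforceVisibilityPolicy(permission) {
  if (permission !== 'private' && permission !== 'public') throw new Error('bad permission');
  if (settings.allowPrivateOnly && permission !== 'private') {
    throw new AuthzError('this instance allows private boards only');
  }
}

// HARDENED: policy checked at creation ...
function createBoard(userId, { title, permission }) {
  enforceVisibilityPolicy(permission);
  const id = `b${nextId++}`;
  boards[id] = { id, title, permission, owner: userId };
  return boards[id];
}

// ... and on every later change; otherwise "create private, then flip to
// public" is the remaining bypass.
function setBoardPermission(userId, boardId, permission) {
  const board = boards[boardId];
  if (!board) throw new AuthzError('no such board');
  if (board.owner !== userId) throw new AuthzError('owner only');
  enforceVisibilityPolicy(permission);
  board.permission = permission;
  return board;
}

function requireAdmin(userId) {
  const u = users[userId];
  if (!u || u.isAdmin !== true) throw new AuthzError('admin only');
}

// VULNERABLE: being logged in is the only requirement.
function runMigrationVulnerable(userId, name) {
  if (!users[userId]) throw new AuthzError('login required');
  migrationsRun.push({ name, by: userId });
  return true;
}

// HARDENED: the admin check runs first, before any side effect.
function runMigration(userId, name) {
  requireAdmin(userId);
  migrationsRun.push({ name, by: userId });
  return true;
}

function denied(fn) {
  try { fn(); return false; } catch (e) { if (e instanceof AuthzError) return true; throw e; }
}
```

Two choices here are worth stating. The policy rejects a disallowed visibility rather than silently coercing it to private, so a client that sends 'public' gets an explicit error and the attempt is visible in logs. And the admin check is a separate function called at the top of the privileged handler, so it cannot be skipped by a code path that reaches the migration through a different entry point.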