CVE-2026-21879

MEDIUM

kanboard < 1.2.49 - Open Redirect via URL Validation Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-21879. PoCs published by HUSEYNKHANLI.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2026-21879, an open redirect vulnerability in Kanboard ≤1.2.48. The exploit leverages protocol-relative URLs to bypass URL validation and redirect users to attacker-controlled domains post-authentication.

Description

Kanboard is project management software focused on the Kanban methodology. Versions 1.2.48 and below are vulnerable to an Open Redirect attack that allows malicious actors to redirect authenticated users to attacker-controlled websites. By crafting protocol-relative URLs such as //evil.com (a URL with no scheme), attackers can bypass the filter_var($url, FILTER_VALIDATE_URL) validation check. This vulnerability could be exploited to conduct phishing attacks, steal user credentials, or distribute malware. The issue is fixed in version 1.2.49.
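The check named above only tells you whether a string is a syntactically valid absolute URL; it says nothing about whether a redirect to that string stays on your own site. The following PHP is an added example, not Kanboard's code and not its 1.2.49 fix. It assumes a common pattern in which any string that fails FILTER_VALIDATE_URL is treated as a local path (the exact surrounding logic in Kanboard is not on this page), and places a hardened local-path check beside it. Function names are assumptions.

```php
<?php
// Added example (not Kanboard's code). Contrasts the bypassable pattern the
// advisory describes with a hardened same-site redirect check.

/**
 * Weak pattern (assumed shape, for illustration only): anything that is not a
 * valid absolute URL is considered a local path and allowed. "//evil.com" has
 * no scheme, so FILTER_VALIDATE_URL rejects it, the function returns true,
 * and the browser later resolves it as a protocol-relative URL to a foreign host.
 */
function isLocalRedirectWeak(string $url): bool
{
    return filter_var($url, FILTER_VALIDATE_URL) === false;
}

/**
 * Hardened check: accept only a single-slash absolute path on this site.
 *  - must start with "/" but not "//" or "/\" (protocol-relative forms)
 *  - must contain no control characters or whitespace (header injection,
 *    parser confusion between browsers)
 *  - parse_url must yield neither a scheme nor a host
 */
function isLocalRedirectSafe(string $url): bool
{
    if ($url === '' || $url[0] !== '/') {
        return false;
    }
    if (isset($url[1]) && ($url[1] === '/' || $url[1] === '\\')) {
        return false;
    }
    if (preg_match('/[\x00-\x20\x7f]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return false;
    }
    return true;
}

/** Uses a fixed landing page whenever the requested target is not local. */
function safeRedirectTarget(string $requested, string $fallback = '/'): string
{
    return isLocalRedirectSafe($requested) ? $requested : $fallback;
}

// Constructed sample inputs: one legitimate path, the form from the advisory,
// a backslash variant, an absolute URL, a local path whose query carries a
// URL, and a value with CRLF.
$samples = [
    '/board/1',
    '//evil.com',
    '/\\evil.com',
    'https://evil.com/',
    '/?next=//evil.com',
    "/board/1\r\nSet-Cookie: x=1",
];

foreach ($samples as $s) {
    printf("%-36s weak=%-5s safe=%-5s -> %s\n",
        json_encode($s),
        isLocalRedirectWeak($s) ? 'allow' : 'block',
        isLocalRedirectSafe($s) ? 'allow' : 'block',
        safeRedirectTarget($s));
}
```

Running this shows the weak check allowing "//evil.com" and "/\evil.com" while blocking only the fully qualified "https://evil.com/"; the hardened check allows "/board/1" and "/?next=//evil.com" (the query string is harmless because the path stays on this host) and sends everything else to the fallback. An allow-list of known internal routes, or a comparison of the parsed host against the application's configured host, is an equally valid design where absolute URLs must be accepted.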

Exploits (1)

GitHub · Working PoC · 1 star
by HUSEYNKHANLI · Python PoC
https://github.com/HUSEYNKHANLI/CVEs/tree/main/CVE-2026-21879

Classification: Working PoC (100%)
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Kanboard ≤1.2.48
Authentication: none needed
Prerequisites: A target running Kanboard ≤1.2.48 · A victim user to click the crafted URL
Analyzed by devstral-2 on Feb 27, 2026

Scores

CVSS v3: 4.7
EPSS: 0.0026
EPSS Percentile: 17.1%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-601
Status: published
Products (1): kanboard/kanboard < 1.2.49
Published: Jan 08, 2026
Tracked Since: Feb 18, 2026