Skip to main content

CVE-2023-31779

Description

Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.

NVD
Severity: MEDIUM
CVE ID: CVE-2023-31779
CVSS Score: 5.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Refrence: NVD MITRE

Proof Of Concept

jet-pentest

Refrence: GitHub

Description
Proof Of Concept