CVE-2023-31779
Description
Wekan v6.84 and earlier is vulnerable to Cross Site Scripting (XSS). An attacker with user privilege on kanban board can insert JavaScript code in in "Reaction to comment" feature.
NVD
Severity: MEDIUM
CVE ID: CVE-2023-31779
CVSS Score: 5.4
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Proof Of Concept
jet-pentest
Refrence: GitHub