Cross-Site Scripting in Kanboard by Kanboard Inc.

CVE-2019-7324

What is CVE-2019-7324?

In Kanboard versions prior to 1.2.8, a vulnerability exists in the app/Core/Paginator.php file that allows for Cross-Site Scripting (XSS) attacks via pagination sorting. This security flaw can be exploited by an attacker to inject malicious scripts, potentially affecting users who interact with the pagination features. It is crucial for users of affected Kanboard versions to apply the latest security updates to mitigate this risk.

References