Vulnerability Description
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kanboard | Kanboard | < 1.2.47 |
Related Weaknesses (CWE)
References
- https://github.com/kanboard/kanboard/blob/b2e35ac520add67cff792aab960b3c002c48e3Product
- https://github.com/kanboard/kanboard/commit/523a6135e944b6884c091a3fd7605af8ef13Patch
- https://github.com/kanboard/kanboard/security/advisories/GHSA-26f4-rx96-xc55ExploitThird Party Advisory
- https://github.com/kanboard/kanboard/security/advisories/GHSA-26f4-rx96-xc55ExploitThird Party Advisory
FAQ
What is CVE-2025-55011?
CVE-2025-55011 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid...
How severe is CVE-2025-55011?
CVE-2025-55011 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-55011?
Check the references section above for vendor advisories and patch information. Affected products include: Kanboard Kanboard.