CVE-2026-25773: Focalboard SQL Injection Vulnerability
Platform
mattermost
Component
focalboard
CVE-2026-25773 describes a SQL Injection vulnerability affecting Focalboard. Specifically, the application fails to sanitize category IDs, allowing an attacker to inject malicious SQL payloads. Successful exploitation could lead to the exfiltration of sensitive data, including password hashes. This vulnerability affects Focalboard versions 0 through 8.0. As Focalboard is no longer maintained, there is no official patch available.
How to fix
No official patch available. Check for workarounds or monitor for updates.
Frequently asked questions
What is CVE-2026-25773?
CVE-2026-25773 is a SQL Injection vulnerability in Focalboard versions 0 through 8.0. It allows attackers to inject malicious SQL code via unsanitized category IDs.
Am I affected by CVE-2026-25773?
You are affected if you are using Focalboard versions 0 through 8.0. This vulnerability allows for sensitive data exfiltration.
How do I fix or mitigate CVE-2026-25773?
As Focalboard is no longer maintained, there is no official patch available. Consider migrating to a supported alternative to mitigate this vulnerability.