Kanboard affected by a Cross-Site Request Forgery (CSRF) vulnerability via Content-Type misconfiguration when assigning project roles
Platform
php
Component
kanboard
Fixed in
1.2.51
CVE-2026-24885 describes a Cross-Site Request Forgery (CSRF) vulnerability discovered in Kanboard, project management software based on the Kanban methodology. The flaw allows unauthorized modification of project user roles if an authenticated administrator visits a malicious website. The vulnerability affects Kanboard versions 1.2.50 and earlier, and a fix is available in version 1.2.50.
Impact and Attack Scenarios
The primary impact of CVE-2026-24885 is the unauthorized modification of project user roles within Kanboard. An attacker could craft a malicious form that exploits the application's failure to strictly enforce the application/json Content-Type for the changeUserRole action. By tricking an authenticated administrator into visiting a page that submits this form, the attacker can perform actions as that administrator, potentially granting themselves elevated privileges or manipulating project assignments. This could lead to data breaches, project disruption, or unauthorized access to sensitive information managed within Kanboard.
Exploitation Context
CVE-2026-24885 was publicly disclosed on 2026-02-10. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability's CVSS score of 5.7 (MEDIUM) suggests a moderate probability of exploitation. It is not currently listed on the CISA KEV catalog.
Who Is at Risk
Organizations utilizing Kanboard for project management, particularly those with administrative users who frequently interact with external websites or applications, are at risk. Shared hosting environments where multiple Kanboard instances reside on the same server could also be vulnerable if one instance is compromised.
Detection Steps
• php: Examine Kanboard application logs for suspicious requests with Content-Type: text/plain targeting the changeUserRole endpoint. Use PHP's built-in logging to monitor for unusual activity.
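As an added example (Python, not Kanboard's or this page's own code) serving both the mechanism described under Impact and this detection step: a strict Content-Type check of the kind the fix depends on, run over constructed log lines; the Origin-header check goes beyond what the page describes. The log line layout and the request path shape are assumptions.

```python
import re
from typing import Dict, List

# Constructed log line layout for this example (not Kanboard's own log format):
#   <client-ip> <method> <path> ct="<Content-Type>" origin="<Origin header or ->"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<path>\S+) '
    r'ct="(?P<ct>[^"]*)" origin="(?P<origin>[^"]*)"$'
)


def content_type_is_json(header: str) -> bool:
    """Strict media-type check of the kind the fix relies on.

    Only the media type is compared, so "application/json; charset=UTF-8"
    passes while "text/plain" (what a cross-origin HTML form can send without
    a CORS preflight) is rejected. A lax test such as 'json' in header, or no
    test at all, is what lets a forged form deliver a JSON-shaped body.
    """
    media_type = header.split(";", 1)[0].strip().lower()
    return media_type == "application/json"


def parse_line(line: str) -> Dict[str, str]:
    match = LOG_RE.match(line.strip())
    return match.groupdict() if match else {}


def find_suspicious(lines: List[str], own_origin: str) -> List[Dict[str, str]]:
    """Flag POSTs to the changeUserRole action that carry a non-JSON
    Content-Type or (beyond the page's advice) a foreign Origin header."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["method"] != "POST" or "action=changeUserRole" not in rec["path"]:
            continue
        bad_ct = not content_type_is_json(rec["ct"])
        foreign = rec["origin"] not in ("-", own_origin)
        if bad_ct or foreign:
            rec["reason"] = "content-type" if bad_ct else "origin"
            hits.append(rec)
    return hits


# Constructed sample traffic; the path shape is an assumption, not Kanboard's real route.
SAMPLE_LOG = [
    '10.0.0.5 POST /?action=changeUserRole ct="application/json; charset=UTF-8" origin="https://kanboard.example"',
    '10.0.0.9 POST /?action=changeUserRole ct="text/plain" origin="https://other-site.example"',
    '10.0.0.9 GET /?action=changeUserRole ct="" origin="-"',
    '10.0.0.7 POST /?action=changeUserRole ct="application/json" origin="https://other-site.example"',
]
```

Calling find_suspicious(SAMPLE_LOG, "https://kanboard.example") flags the second and fourth lines only; the GET is ignored because the role change is a POST action.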
// Example: log POSTs to changeUserRole that arrive with a text/plain Content-Type.
// Compare the media type only, so "text/plain; charset=UTF-8" is caught as well.
// Assumes the action name arrives in the "action" query parameter.
$mediaType = strtolower(trim(explode(';', $_SERVER['CONTENT_TYPE'] ?? '', 2)[0]));
$isChangeUserRole = (($_GET['action'] ?? '') === 'changeUserRole');
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $isChangeUserRole && $mediaType === 'text/plain') {
    error_log('Suspicious request: text/plain Content-Type detected for changeUserRole');
}
Attack Timeline
- Disclosure
Threat Intelligence
Exploit Status
EPSS
0.02% (5th percentile)
CISA SSVC
CVSS Vector
What do these metrics mean?
- Attack Vector
- Network: exploitable remotely over the internet. No physical or local access required.
- Attack Complexity
- Low: no special conditions required. Reliably exploitable.
- Privileges Required
- Low: any valid user account is sufficient.
- User Interaction
- Required: the victim must open a file, click a link, or visit a page.
- Scope
- Unchanged: impact limited to the vulnerable component.
- Confidentiality
- None: no impact on confidentiality.
- Integrity
- High: the attacker can write, modify, or delete all data.
- Availability
- None: no impact on availability.
Affected Software
Weakness Classification (CWE)
Timeline
- Reserved
- Published
- EPSS updated
Mitigation and Workarounds
The primary mitigation for CVE-2026-24885 is to upgrade Kanboard to version 1.2.50 or later, which includes the fix. If upgrading immediately is not feasible, consider implementing a Content Security Policy (CSP) to restrict the sources from which Kanboard can load resources. Additionally, carefully review and validate all user input to prevent malicious requests. While a WAF might offer some protection, it is not a substitute for patching the vulnerability.
How to fix
Update Kanboard to version 1.2.50 or later. This version fixes the CSRF vulnerability by correctly validating the Content-Type of requests. The update prevents attackers from modifying user roles without authorization.
Frequently Asked Questions
What is CVE-2026-24885 — CSRF in Kanboard?
CVE-2026-24885 is a Cross-Site Request Forgery (CSRF) vulnerability in Kanboard project management software, allowing unauthorized modification of project user roles.
Am I affected by CVE-2026-24885 in Kanboard?
Yes, if you are running Kanboard version 1.2.50 or earlier, you are affected by this vulnerability.
How do I fix CVE-2026-24885 in Kanboard?
Upgrade Kanboard to version 1.2.50 or later to resolve the CSRF vulnerability. Consider implementing a Content Security Policy (CSP) as an interim measure.
Is CVE-2026-24885 being actively exploited?
No active exploitation has been confirmed at this time, but the vulnerability's potential impact warrants prompt mitigation.
Where can I find the official Kanboard advisory for CVE-2026-24885?
Refer to the Kanboard security advisories on their official website or GitHub repository for the latest information and updates.