CVE-2025-65781
π΄ HIGHAn issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Attachment upload API treats the Authorization bearer value as a userId and enters a non-termi...
Description
Request Expert ReviewAn issue was discovered in Wekan The Open Source kanban board system up to version 18.15, fixed in 18.16. Attachment upload API treats the Authorization bearer value as a userId and enters a non-terminating body-handling branch for any non-empty bearer token, enabling trivial application-layer DoS and latent identity-spoofing.
Affected Products (1)
CVSS Scores
References
Additional Information
- Source
- cve@mitre.org
- State
- Analyzed
Related CVEs
CVE-2026-0837
HIGHA vulnerability was identified in UTT θΏε 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of...
CVE-2026-0836
HIGHA vulnerability was determined in UTT θΏε 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW...
CVE-2025-15505
LOWA vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The...
CVE-2026-0824
LOWA security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results...
CVE-2026-0822
MEDIUMA vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The mani...
CVE-2025-13393
MEDIUMThe Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.3.1. This...
Share CVE-2025-65781
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-65781 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!