Kanboard Path Traversal in File Write via Task File Upload...

6.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Description

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.

Basic Information

ID CVE-2025-55011

Source GitHub_M

Published Aug 12, 2025 at 15:57

Modified Aug 12, 2025 at 19:31

Affected Product

Vendor kanboard

Product kanboard

Version < 1.2.47

Affected Versions kanboard kanboard < 1.2.47

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.",
    "published": "2025-08-12T15:57:08.108Z",
    "modified": "2025-08-12T19:31:01.757Z",
    "type": "cve",
    "title": "Kanboard Path Traversal in File Write via Task File Upload Api",
    "source": "GitHub_M",
    "references": "https://github.com/kanboard/kanboard/security/advisories/GHSA-26f4-rx96-xc55\nhttps://github.com/kanboard/kanboard/commit/523a6135e944b6884c091a3fd7605af8ef133681\nhttps://github.com/kanboard/kanboard/blob/b2e35ac520add67cff792aab960b3c002c48e3d0/app/Api/Procedure/TaskFileProcedure.php#L47-L57",
    "id": "CVE-2025-55011",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "kanboard kanboard < 1.2.47",
    "sourceHref": "",
    "cvss": {
        "score": 6.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "kanboard",
    "version": "< 1.2.47",
    "vendor": "kanboard",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Kanboard Path Traversal in File Write via Task File Upload Api_CVE-2025-55011