Kanboard 1.2.34 is vulnerable to Html Injection in the group management feature.
{ "urgency": "not yet assigned" }