CVE-2025-52560
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-52560
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-52560.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-52560
- Aliases
-
- GHSA-2ch5-gqjm-8p92
- Published
- 2025-06-24T03:15:34Z
- Modified
- 2025-06-27T11:13:55.253010Z
- Summary
- [none]
- Details
-
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the applicationurl configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while applicationurl is not set. This issue has been patched in version 1.2.46.
- References
Affected packages
Git / github.com/kanboard/kanboard
Affected ranges
- Type
- GIT
- Repo
- https://github.com/kanboard/kanboard
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v1.*
v1.0.0
v1.0.1
v1.0.10
v1.0.11
v1.0.12
v1.0.13
v1.0.14
v1.0.15
v1.0.16
v1.0.17
v1.0.18
v1.0.19
v1.0.2
v1.0.20
v1.0.21
v1.0.22
v1.0.23
v1.0.24
v1.0.25
v1.0.26
v1.0.27
v1.0.28
v1.0.29
v1.0.3
v1.0.30
v1.0.31
v1.0.32
v1.0.33
v1.0.34
v1.0.35
v1.0.36
v1.0.37
v1.0.38
v1.0.39
v1.0.4
v1.0.40
v1.0.41
v1.0.42
v1.0.43
v1.0.44
v1.0.45
v1.0.46
v1.0.47
v1.0.48
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.19
v1.2.2
v1.2.20
v1.2.21
v1.2.22
v1.2.23
v1.2.24
v1.2.25
v1.2.26
v1.2.27
v1.2.28
v1.2.29
v1.2.3
v1.2.30
v1.2.31
v1.2.32
v1.2.33
v1.2.34
v1.2.35
v1.2.36
v1.2.37
v1.2.38
v1.2.39
v1.2.4
v1.2.40
v1.2.41
v1.2.42
v1.2.43
v1.2.44
v1.2.45
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9