← Zuruck zu CVEs
CVE-2026-2209
MEDIUM6.3
Beschreibung
A vulnerability was detected in WeKan up to 8.18. The affected element is the function setCreateTranslation of the file client/components/settings/translationBody.js of the component Custom Translation Handler. The manipulation results in improper authorization. The attack can be launched remotely. Upgrading to version 8.19 is sufficient to fix this issue. The patch is identified as f244a43771f6ebf40218b83b9f46dba6b940d7de. It is suggested to upgrade the affected component.
CVE Details
CVSS v3.1 Bewertung6.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht2/8/2026
Zuletzt geandert2/11/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
wekan_project:wekan
Schwachen (CWE)
CWE-266CWE-285
Referenzen
https://github.com/wekan/wekan/(cna@vuldb.com)
https://github.com/wekan/wekan/releases/tag/v8.19(cna@vuldb.com)
https://vuldb.com/?ctiid.344923(cna@vuldb.com)
https://vuldb.com/?id.344923(cna@vuldb.com)
https://vuldb.com/?submit.752269(cna@vuldb.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.