CVE-2025-52560HIGH 8.8EPSS p36.0%

CVE-2025-52560CVE-2025-52560

Description

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while application_url is not set. This issue has been patched in version 1.2.46.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.45% probability of exploitation · percentile 36.0% · 2026-06-18T12:00:27Z
Published2025-06-24
Last modified2026-01-13

Underlying weaknesses· 1

CWE-640

References

  1. https://github.com/kanboard/kanboard/commit/bca2bd7ab95e7990e358fd35a7daf51a9c16aa75
  2. https://github.com/kanboard/kanboard/security/advisories/GHSA-2ch5-gqjm-8p92

1

TypeTargetConfidenceTier
WeaknessWeak Password Recovery Mechanism for Forgotten Passwordcwe-6400%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-21881
CVE
CVE-2026-24885
CVE
CVE-2026-29056
CVE
CVE-2026-25924
CVE
CVE-2026-32255
CVE
CVE-2025-65780
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.