CVE-2025-52560
HIGHDescription
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while application_url is not set. This issue has been patched in version 1.2.46.
Is your site exposed to CVE-2025-52560?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| kanboard | kanboard |
References
Frequently Asked Questions
What is CVE-2025-52560? +
How severe is CVE-2025-52560? +
What products are affected by CVE-2025-52560? +
How do I check if I'm vulnerable to CVE-2025-52560? +
Related Vulnerabilities
Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server …
This vulnerability exists in the CAP back office application due to a weak password-reset mechanism implemented at API endpoints. An …
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already …
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, …
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit …
The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, …