Debian has issued an advisory on July 16: https://www.debian.org/security/2023/dsa-5454 The issue is fixed upstream in 1.2.31: https://github.com/kanboard/kanboard/security/advisories/GHSA-9gvq-78jp-jxcx Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Fixed upstream in 1.2.31
Little activity on this, various packagers, so assigning globally.
Assignee: bugsquad => pkg-bugs