CVE-2025-65779: n/a
An issue was discovered in Wekan, the open source kanban board system, up to version 18.15, fixed in 18.16. Unauthenticated attackers can update a board's "sort" value (Boards.allow returns true without verifying userId), allowing arbitrary reordering of boards.
AI Analysis
Technical Summary
CVE-2025-65779 is a vulnerability discovered in Wekan, an open-source kanban board system widely used for project and task management. The flaw exists in versions up to 18.15 and stems from improper authorization checks in the Boards.allow function. Specifically, this function returns true without verifying the userId, allowing unauthenticated attackers to update the "sort" value of boards. This enables attackers to arbitrarily reorder boards, compromising the integrity of the board data and potentially disrupting workflows. The vulnerability does not expose confidential information nor does it allow denial of service, but it undermines the trustworthiness and reliability of the board's state. Exploitation requires no privileges or user interaction and can be performed remotely over the network, increasing the attack surface. The vulnerability is classified under CWE-284 (Improper Access Control). The issue was addressed and fixed in Wekan version 18.16. No known exploits have been reported in the wild as of the publication date. The CVSS v3.1 base score is 7.5, reflecting high severity due to the ease of exploitation and impact on data integrity. Organizations relying on Wekan for collaboration and project tracking should prioritize patching to prevent unauthorized manipulation of board data.
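As an added illustration (not Wekan's own code), the Meteor collection allow-rule pattern the summary describes, with the unconditional rule beside a hardened one. Meteor invokes the `update` allow callback as `(userId, doc, fieldNames, modifier)`, with `userId` null for unauthenticated clients; the board-document shape (`members[].userId`, `isActive`) and the `applyClientUpdate` stand-in are assumptions for the demonstration.

```javascript
// Added example, not Wekan's code: the Meteor allow-rule pattern behind CVE-2025-65779.
// Meteor calls the 'update' allow callback as (userId, doc, fieldNames, modifier);
// userId is null for unauthenticated clients. The board shape below is an assumption.

// Vulnerable shape: permits every client-side update, whoever (or nobody) is logged in.
function vulnerableUpdateAllow(userId, doc, fieldNames, modifier) {
  return true;
}

// Hardened shape: authenticated caller, active member of this board, and only the
// fields the client is meant to change (here just the ordering field "sort").
const CLIENT_WRITABLE_FIELDS = new Set(['sort']);

function hardenedUpdateAllow(userId, doc, fieldNames, modifier) {
  if (!userId) return false;                      // reject unauthenticated callers
  const members = Array.isArray(doc.members) ? doc.members : [];
  const isActiveMember = members.some(
    (m) => m.userId === userId && m.isActive !== false,
  );
  if (!isActiveMember) return false;              // must belong to this board
  if (fieldNames.length === 0) return false;      // nothing to allow
  return fieldNames.every((f) => CLIENT_WRITABLE_FIELDS.has(f));
}

// Stand-in for the server side of a client `Boards.update(id, { $set: {...} })`:
// derive fieldNames from the $set modifier, consult the rule, apply only if allowed.
// (Real Meteor also computes fieldNames for $inc, $push, etc.; $set is enough here.)
function applyClientUpdate(allowRule, userId, doc, modifier) {
  const set = modifier.$set || {};
  const fieldNames = Object.keys(set);
  if (!allowRule(userId, doc, fieldNames, modifier)) {
    return { applied: false, doc };
  }
  return { applied: true, doc: { ...doc, ...set } };
}

// Constructed sample board document (assumed shape).
const sampleBoard = {
  _id: 'board1',
  title: 'Roadmap',
  sort: 0,
  permission: 'private',
  members: [{ userId: 'alice', isAdmin: true, isActive: true }],
};
```

With the vulnerable rule, a null `userId` can rewrite `sort`; with the hardened rule, only an active member can, and only that field.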
Potential Impact
For European organizations, this vulnerability poses a significant risk to the integrity of project management data. Unauthorized reordering of boards can lead to confusion, mismanagement of tasks, and disruption of workflows, potentially delaying projects and causing operational inefficiencies. While confidentiality and availability are not directly impacted, the integrity breach can erode trust in the system and complicate audit trails. Organizations in sectors with strict compliance requirements or those relying heavily on accurate task tracking may face regulatory or contractual risks if data integrity is compromised. The ease of exploitation without authentication means attackers can act stealthily and remotely, increasing the likelihood of attacks especially in environments where Wekan is exposed to the internet or insufficiently segmented networks. This could also facilitate further social engineering or follow-on attacks by creating chaos or misinformation within teams.
Mitigation Recommendations
1. Upgrade Wekan installations to version 18.16 or later immediately to apply the official fix.
2. Restrict network access to Wekan instances, especially those exposed to the internet, by implementing firewalls or VPNs.
3. Implement strict access control policies and monitor authorization logic in custom integrations or plugins to prevent similar flaws.
4. Conduct regular audits of board activity logs to detect unauthorized changes or suspicious reordering events.
5. Educate users and administrators about the importance of timely patching and monitoring for anomalous behavior.
6. Consider deploying Web Application Firewalls (WAFs) with rules to detect and block unauthorized API calls targeting board modifications.
7. Segment Wekan servers within internal networks to limit lateral movement if compromised.
8. Back up board data regularly to enable recovery in case of malicious manipulation.
Affected Countries
Germany, France, Netherlands, United Kingdom, Sweden, Finland
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-11-18T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 694017f1d9bcdf3f3ddec589
Added to database: 12/15/2025, 2:15:13 PM
Last enriched: 12/22/2025, 3:37:15 PM
Last updated: 2/7/2026, 8:56:50 AM