
Planka

Kanban board to manage your projects and tasks

Alternative to: trello, asana, jira, kanban

Details

License: Multiple
Available in: free, pro, business


v1.26.3

2025-09-04

Fixed XSS vulnerability in gallery captions via patched react-photoswipe-gallery.

Security Release

  • Fixed a vulnerability where maliciously renamed file attachments could execute JavaScript in the gallery UI.
  • The issue originated in the upstream library react-photoswipe-gallery, but PLANKA has patched it locally to prevent the use of dangerous innerHTML when setting gallery captions.
  • Users should update to PLANKA >= 1.26.3 or >= 2.0.0-rc.4 to be protected.
  • More details and credits: Security Advisory
  • Reported by @AmjadAlii via responsible disclosure.

What’s Changed

  • fix: Patch react-photoswipe-gallery to prevent XSS in captions

Full Changelog: https://github.com/plankanban/planka/compare/v1.26.2...v1.26.3