Back to Catalog
Planka logo

Planka

Kanban-style collaborative project and task management tool

app

Alternative to: Trello, Jira, Taiga, Kanboard, Wekan, ClickUp, Asana, Monday.com

Repository Docs
About Versions (18)
Back to Versions

v1.26.3

2025-09-04

Security Release

  • Fixed a vulnerability where maliciously renamed file attachments could execute JavaScript in the gallery UI.
  • The issue originated from an upstream library react-photoswipe-gallery, but PLANKA has patched it locally to prevent the use of dangerous innerHTML when setting gallery captions.
  • Users should update to PLANKA >= 1.26.3 or >= 2.0.0-rc.4 to be protected.
  • More details and credits: Security Advisory
  • Reported by @AmjadAlii via responsible disclosure.

What’s Changed

  • fix: Patch react-photoswipe-gallery to prevent XSS in captions

Full Changelog: https://github.com/plankanban/planka/compare/v1.26.2…v1.26.3

Changelog on GitHub →