High severity8.1NVD Advisory· Published Jan 26, 2021· Updated Jun 17, 2026
CVE-2021-3309
CVE-2021-3309
Description
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Wekan/Wekandescription
Patches
Vulnerability mechanics
References
3- github.com/wekan/wekan/pull/3483/commits/31f89121fecca5a761b05cc3a26d4f237e90b484nvdPatchThird Party Advisory
- github.com/wekan/wekan/issues/3482nvdExploitIssue TrackingThird Party Advisory
- github.com/wekan/wekan/releases/tag/v4.87nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.