Update wekan
We received a report that our current version of wekan (5.42) contains two vulnerabilities:
- it's possible to bypass the system and create non-OIDC accounts, and log in with them;
- there are XSS vulnerabilities.
The first one should be fixed by upgrading to latest wekan (5.60 at time of writing), the other one is alledgedly reported to wekan but not yet fixed.