Only the latest stable version is supported.
Do not open a new GitHub issue if the bug is a security vulnerability.
Preferably, report the vulnerability privately by creating a new GitHub security advisory (documentation).
If you do not want to use GitHub, send an email to security AT kanboard DOT net with all the steps to reproduce the problem (GPG Key).
Keep in mind that this software is in maintenance mode.