Security: Leantime/leantime
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
XSS on notification from To-DoGHSA-f679-254h-qhvj published
Feb 18, 2025 by marcelfolaronModerate -
HTML Injection in Email NotificationsGHSA-95j3-435g-vjcp published
Feb 18, 2025 by marcelfolaronModerate -
Unauthorized access to view information of other userGHSA-3hfj-qcvj-4hx8 published
Feb 18, 2025 by marcelfolaronModerate -
StoredXSS in API Key nameGHSA-c39w-3pjx-qc7m published
Feb 18, 2025 by marcelfolaronModerate -
Stored Xss VulnerabilityGHSA-63cr-xg3f-8jvr published
Feb 18, 2025 by marcelfolaronLow -
Refelected xss by file uploadGHSA-52xf-h226-pfgx published
Feb 18, 2025 by marcelfolaronModerate -
Improper Cache control allows attacker to view sensitive dataGHSA-h6w8-27ph-c385 published
Feb 18, 2025 by marcelfolaronHigh -
Host Header Injection leading to sensitive data disclosureGHSA-99r5-84gr-59f6 published
Feb 18, 2025 by marcelfolaronHigh -
3 Vulnerabilities - XSS -> SSRF, HTML Injection, CSRFGHSA-92xh-6x7v-4rmq published
Feb 18, 2025 by marcelfolaronModerate -
Stored XSS Vulnerability in CalenderGHSA-749v-fh5c-wp42 published
Nov 16, 2024 by marcelfolaronModerate