Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators.
History

Wed, 21 Aug 2024 22:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-352
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-21T20:18:30.064Z

Reserved: 2024-02-26T00:00:00

Link: CVE-2024-27474

cve-icon Vulnrichment

Updated: 2024-08-02T00:34:52.363Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-10T15:16:04.867

Modified: 2024-11-21T09:04:39.530

Link: CVE-2024-27474

cve-icon Redhat

No data.