2 matches found
Cross-Site Request Forgery (CSRF)
Leantime is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to missing validation of the OIDC state parameter in the verifyState method, where attacker-controlled authorization callbacks are accepted without verification, allowing attackers to perform session fixation and...
CVE-2026-59713
Leantime contains an OIDC login CSRF vulnerability in the verifyState method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the...