PT-2026-57576
Name of the Vulnerable Software and Affected Versions Leantime versions prior to 3.8.1 Description Improper authorization occurs within the JSON-RPC Endpoint component when the role argument is manipulated in the editUser or addUser functions. This allows a remote attacker to bypass authorization...