3 matches found
CVE-2024-27705
Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint...
CVE-2024-27705
Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint...
CVE-2024-27705
CVE-2024-27705 describes a Cross Site Scripting vulnerability in Leantime v3.0.6. The issue arises when uploading a crafted PDF to the files/browse endpoint, allowing an attacker to execute arbitrary code. Public references in connected docs consistently cite Leantime v3.0.6 and the upload vector...