CVE-2026-15510
Leantime up to 3.8.0 is affected by an improper authorization issue in API:Setting::saveSetting. The root cause is improper access control in the SaveSetting function, enabling a remote attack. Public exploit exists and could be used. The vulnerability impacts the API component and is rated with ...