Assigner | mitre |
Reserved | 2024-02-26 |
Published | 2024-04-03 |
Updated | 2024-04-03 |
Description
Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint.
References
https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-27705