CVE-2024-27705
Published
CVSS v3
7.6
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint.
Selected public vulnerability research, CVE writeups, SSRF/parser bypasses, and AppSec findings.
GitHub