This page aggregates CVEs and security vulnerability information across all Leantime-related products, listing CVSS, EPSS, publication dates, and vulnerability details.
Published issues most often relate to cross-site scripting, SQL injection, and CSRF, in the context of software deployment and production workloads, and may carry exposure risks such as session compromise and data exposure.
The listed data is based on public vulnerability information and security advisories and can be used to assess past exposure and patching priority.
| CVE | Summary | Source | Max CVSS | EPSS (%) | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-28254 | Cross Site Scripting vulnerability in Leantime v3.2.1 and before allows an authenticated attacker to execute arbitrary code and obtain sensitive information via the first name field in processMentions(). | [email protected] | 5.4 | 0.47% | 2025-03-28 | 2025-04-07 |
| CVE-2024-27477 | In Leantime 3.0.6, a Cross-Site Scripting vulnerability exists within the ticket creation and modification functionality, allowing attackers to inject malicious JavaScript code into the title field of tickets (also known as to-dos). This stored XSS vulnerability can be exploited to perform Server-Side Request Forgery (SSRF) attacks. | [email protected] | 6.1 | 0.31% | 2024-04-10 | 2025-04-08 |
| CVE-2024-27476 | Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket. | [email protected] | 4.7 | 0.28% | 2024-04-10 | 2025-04-08 |
| CVE-2024-27474 | Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators. | [email protected] | 8.8 | 0.48% | 2024-04-10 | 2025-04-08 |
| CVE-2024-27705 | Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint. | [email protected] | 7.6 | 0.11% | 2024-04-03 | 2025-04-08 |
| CVE-2024-27703 | Cross Site Scripting vulnerability in Leantime 3.0.6 allows a remote attacker to execute arbitrary code via the to-do title parameter. | [email protected] | 5.4 | 0.43% | 2024-03-13 | 2025-04-08 |
| CVE-2023-45826 | Leantime is an open source project management system. A 'userId' variable in `app/domain/files/repositories/class.files.php` is not parameterized. An authenticated attacker can send a carefully crafted POST request to `/api/jsonrpc` to exploit an SQL injection vulnerability. Confidentiality is impacted as it allows for dumping information from the database. This issue has been addressed in version 2.4-beta-4. Users are advised to upgrade. There are no known workarounds for this vulnerability. | [email protected] | 6.5 | 34.41% | 2023-10-19 | 2024-11-21 |
| CVE-2023-33961 | Leantime is a lean open source project management system. Starting in version 2.3.21, an authenticated user with commenting privileges can inject malicious Javascript into a comment. Once the malicious comment is loaded in the browser by a user, the malicious Javascript code executes. As of time of publication, a patch does not exist. | [email protected] | 8.9 | 0.84% | 2023-05-30 | 2024-11-21 |
| CVE-2020-5292 | Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users' and administrators' password hashes, modify data, or drop tables. The unescaped parameter is "searchUsers" when sending a POST request to "/tickets/showKanban" with a valid session. In the code, the parameter i | [email protected] | 8.7 | 0.29% | 2020-03-31 | 2024-11-21 |