CVE-2024-27476

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-27476
Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket.

4.7 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY Broken Link
https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 Product
https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md Exploit Third Party Advisory
https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY Broken Link
https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 Product
https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:leantime:leantime:3.0.6:*:*:*:*:*:*:*
History

08 Apr 2025, 15:22

Type Values Removed Values Added
References () https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY - () https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY - Broken Link
References () https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 - () https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 - Product
References () https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md - () https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md - Exploit, Third Party Advisory
First Time Leantime
Leantime leantime
CPE cpe:2.3:a:leantime:leantime:3.0.6:*:*:*:*:*:*:*

21 Nov 2024, 09:04

Type Values Removed Values Added
References () https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY - () https://drive.proton.me/urls/X9G9MY1FAW#NLS8RkHUihLY -
References () https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 - () https://github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.php#L20 -
References () https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md - () https://github.com/dead1nfluence/Leantime-POC/blob/main/README.md -

01 Aug 2024, 13:48

Type Values Removed Values Added
Summary
  • (es) Leantime 3.0.6 es vulnerable a la inyección de HTML a través de /dashboard/show#/tickets/newTicket.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 4.7
CWE CWE-94

10 Apr 2024, 15:16

Type Values Removed Values Added
New CVE
Information

Published : 2024-04-10 15:16

Updated : 2025-04-08 15:22

NVD link : CVE-2024-27476

Mitre link : CVE-2024-27476

CVE.ORG link : CVE-2024-27476

JSON object : View

Products Affected

leantime

  • leantime
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')