Please e-mail all security issue findings to security@leantime.io
Security: Leantime/leantime
Security
SECURITY.md
-
Stored XSS Vulnerability in CalenderGHSA-749v-fh5c-wp42 published
Nov 16, 2024 by marcelfolaronModerate -
Dumping Full DB with Backup.phpGHSA-8r84-p6fx-4m8g published
Feb 6, 2024 by marcelfolaronModerate -
XSS via To-Do titleGHSA-j5hg-w6v9-rpxp published
Feb 6, 2024 by marcelfolaronModerate -
Authenticated SQL InjectionGHSA-559g-3h98-g3fj published
Oct 19, 2023 by marcelfolaronModerate -
Open Redirect On Login PageGHSA-pjgh-gm53-r5f9 published
Nov 16, 2024 by marcelfolaronModerate -
Cookie Does Not Contain The "secure", "HttpOnly" AttributeGHSA-wrp4-cjx2-6jwr published
Nov 12, 2024 by marcelfolaronLow -
Sensitive form field has not disabled autocompleteGHSA-hwxr-m7m4-vhc5 published
Nov 16, 2024 by marcelfolaronLow -
(CVE-2022-31129) Use of JavaScript Library with Known VulnerabilityGHSA-j8v4-vvvr-gc23 published
Feb 6, 2024 by marcelfolaronLow -
Stored XSS Vulnerability via Milestone AttachmentsGHSA-65wf-24mp-hjh2 published
Nov 16, 2024 by marcelfolaronModerate -
HTML injection through FIRST And LAST NameGHSA-qrfh-cc86-vc8c published
Nov 16, 2024 by marcelfolaronModerate
Learn more about advisories related to Leantime/leantime in the GitHub Advisory Database