Cross Site Request Forgery Vulnerability in Leantime by Leantime
CVE-2024-27474
8.8HIGH
What is CVE-2024-27474?
The Leantime 3.0.6 software exhibits a vulnerability to Cross Site Request Forgery (CSRF), which potentially allows attackers to execute unauthorized operations on behalf of authenticated users, particularly those with administrative privileges. This security loophole can be exploited to compromise user actions without consent, posing a significant risk to the integrity and security of the affected system. It is essential for users to implement security measures and updates to handle this vulnerability effectively.
