CVE-2024-27705 Information

Description

Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint.

Reference

https://github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-27705