CVE-2024-27474 PoC — Leantime Systems Leantime 安全漏洞

Source

https://github.com/dead1nfluence/Leantime-POC

Associated Vulnerability

Title:Leantime Systems Leantime 安全漏洞 (CVE-2024-27474)
Description:Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actions on behalf of authenticated users, specifically administrators.

Description

CVE-2024-27474, CVE-2024-27476, CVE-2024-27477

Readme

# Leantime-POC
CVE-2024-27474, CVE-2024-27476, CVE-2024-27477

## Description 

The following vulnerabilities were identified in version 3.0.6 of the Leantime goals focused project management system.

### CVE-2024-27474
A cross-site request forgery (CSRF) vulnerability which, when triggered, would create and elevate the privileges of an account to the administrator role. 

### CVE-2024-27476
An HTML injection vulnerability which allows an attacker to inject malicious HTML code, through href attribute or anchor tags, into the application. In my proof-of-concept (POC) I used this to redirect the "victim", otherwise known as myself, to an attacker-controlled login page where they may have their credentials stolen. 

### CVE-2024-27477
A cross-site scripting (XSS) vulnerability, which, when triggered, issues a request to a remote server, performing a server-side request forgery attack. This could be leveraged to steal the cookies of any unsuspecting user who visits the page on which it is stored.

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!