GHSA-99r5-84gr-59f6: Leantime has Host Header Injection Vulnerability
A host header injection vulnerability has been identified in the user details viewing functionality of the system. This vulnerability allows an attacker to manipulate the host header in HTTP requests, thereby gaining unauthorized access to view details of other users.
References
Detect and mitigate GHSA-99r5-84gr-59f6 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →