Medium severity4.7NVD Advisory· Published Apr 10, 2024· Updated Jun 17, 2026
CVE-2024-27476
CVE-2024-27476
Description
Leantime 3.0.6 is vulnerable to HTML Injection via /dashboard/show#/tickets/newTicket.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/dead1nfluence/Leantime-POC/blob/main/README.mdnvdExploitThird Party Advisory
- drive.proton.me/urls/X9G9MY1FAWnvdBroken Link
- github.com/Leantime/leantime/blob/264a7dbc2c9b18f574821bf27dd568a287ee8498/app/Domain/Tickets/Controllers/ShowTicket.phpnvdProduct
News mentions
0No linked articles in our index yet.