High severity7.6NVD Advisory· Published Apr 3, 2024· Updated Jun 17, 2026
CVE-2024-27705
CVE-2024-27705
Description
Cross Site Scripting vulnerability in Leantime v3.0.6 allows attackers to execute arbitrary code via upload of crafted PDF file to the files/browse endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=3.0.6
Patches
Vulnerability mechanics
References
1- github.com/b-hermes/vulnerability-research/tree/main/CVE-2024-27705nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.