Open Redirects in Leantime - Journey to an 0-day via source code review

OS

2024.1.*
2020.3.*
2019.4.*

Apps

Leantime
2.3.23.*
2.3.22.*
2.3.26.*
2.3.27.*
2.3.24.*
2.3.25.*
2.3.21.*
2.3.17.*
2.3.18.*
2.3.19.*

Summary

In this post, we uncover an open redirect vulnerability (a 0-day) that we discovered in the Leantime project management system through manual source code review. We cover all aspects of the vulnerability and provide a working testbed and a functional exploit so that you can try everything on your own.

general

@secatgourity
