POC详情: bca95a68f139c349c9915d85193fde2993a41202

来源
https://github.com/dead1nfluence/Leantime-POC
关联漏洞
标题: Leantime Systems Leantime 安全漏洞 (CVE-2024-27474)
描述:Leantime Systems Leantime是美国Leantime Systems公司的一套基于PHP和MySQL的开源项目管理系统。 Leantime Systems Leantime 3.0.6版本存在安全漏洞,该漏洞源于容易受到跨站请求伪造(CSRF)攻击,允许攻击者代表经过身份验证的用户(特别是管理员)执行未经授权的操作。
描述
CVE-2024-27474, CVE-2024-27476, CVE-2024-27477
介绍
# Leantime-POC
CVE-2024-27474, CVE-2024-27476, CVE-2024-27477

## Description 

The following vulnerabilities were identified in version 3.0.6 of the Leantime goals focused project management system.

### CVE-2024-27474
A cross-site request forgery (CSRF) vulnerability which, when triggered, would create and elevate the privileges of an account to the administrator role. 

### CVE-2024-27476
An HTML injection vulnerability which allows an attacker to inject malicious HTML code, through href attribute or anchor tags, into the application. In my proof-of-concept (POC) I used this to redirect the "victim", otherwise known as myself, to an attacker-controlled login page where they may have their credentials stolen. 

### CVE-2024-27477
A cross-site scripting (XSS) vulnerability, which, when triggered, issues a request to a remote server, performing a server-side request forgery attack. This could be leveraged to steal the cookies of any unsuspecting user who visits the page on which it is stored.
文件快照

 [4.0K]  /data/pocs/bca95a68f139c349c9915d85193fde2993a41202
├── [ 493]  CVE-2024-27474.md
├── [ 747]  CVE-2024-27476.md
├── [ 598]  CVE-2024-27477.md
└── [1009]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。