PT-2023-29714 · Leantime · Leantime

Cyber-Brent · Published 2023-10-19 · Updated 2023-10-27 · CVE-2023-45826

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Leantime versions prior to 2.4-beta-4

Description: Leantime is an open source project management system. A userId variable in app/domain/files/repositories/class.files.php is not parameterized. An authenticated attacker can send a carefully crafted POST request to "/api/jsonrpc" to exploit an SQL injection vulnerability. Confidentiality is impacted as it allows for dumping information from the database.

Recommendations: For versions prior to 2.4-beta-4, upgrade to version 2.4-beta-4 to address the issue. As a temporary workaround, consider restricting access to the /api/jsonrpc endpoint until the upgrade is applied. Additionally, avoid using the userId variable in the affected API endpoint until the issue is resolved.
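The defect class named above (a user id spliced into SQL text instead of being bound as a parameter) is illustrated below with a repository-style lookup in PHP. This is an added example written for this advisory, not Leantime's class.files.php or any of its code; the `files` table, its columns and the helper names are assumptions, and the data is constructed so the script runs stand-alone against an in-memory SQLite database.

```php
<?php
// Added illustration, not code from the Leantime project: the unsafe pattern
// (a user id interpolated into SQL) next to the parameterized form that
// removes the injection. Table and column names are assumptions.

declare(strict_types=1);

// Constructed sample data in an in-memory SQLite database so the example
// runs offline; the same PDO calls work against MySQL.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE files (id INTEGER PRIMARY KEY, userId INTEGER, name TEXT)');
$pdo->exec("INSERT INTO files (userId, name) VALUES (1, 'plan.pdf'), (2, 'budget.xlsx')");

// Unsafe pattern: the value becomes part of the SQL text, so any input that
// is not a plain integer can alter the structure of the query.
function filesForUserUnsafe(PDO $pdo, $userId): array
{
    $sql = 'SELECT name FROM files WHERE userId = ' . $userId;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened form: validate the type at the API boundary, then bind the value
// as a typed parameter so it can only ever be compared, never parsed as SQL.
function filesForUser(PDO $pdo, $userId): array
{
    if (filter_var($userId, FILTER_VALIDATE_INT) === false) {
        throw new InvalidArgumentException('userId must be an integer');
    }
    $stmt = $pdo->prepare('SELECT name FROM files WHERE userId = :userId');
    $stmt->bindValue(':userId', (int) $userId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The way a JSON-RPC handler would obtain the value: decoded from the POST
// body, so its type is whatever the client sent (constructed request here).
$request = json_decode('{"jsonrpc":"2.0","method":"files.get","params":{"userId":"1"}}', true);
$userId  = $request['params']['userId'] ?? null;

// Well-formed input behaves identically in both versions.
print_r(filesForUserUnsafe($pdo, $userId));
print_r(filesForUser($pdo, $userId));

// Malformed input: the hardened version rejects it before any SQL is built,
// whereas the unsafe version would hand the string to the database verbatim.
try {
    filesForUser($pdo, '7abc');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Binding with `PDO::PARAM_INT` alone closes the injection; the `filter_var` check in front of it is the defensive layer the advisory's workaround alludes to, rejecting anything that is not an integer at the endpoint rather than letting the database see it.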

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2023-45826
GHSA-559G-3H98-G3FJ

Affected Products

Leantime