Name of the Vulnerable Software and Affected Versions Leantime (affected versions not specified)

Description A cross-site scripting (XSS) issue has been identified, allowing an attacker to inject malicious scripts into certain fields. This could lead to the execution of arbitrary code or unauthorized access to user-sensitive information. The issue arises from the lack of validation or sanitization of the id parameter, which is directly incorporated into the source path without checks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.