CVE-2020-5292

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-5292
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5292.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-5292
Related
  • GHSA-ww6x-rhvp-55hp
Published
2020-03-31T19:15:14Z
Modified
2025-07-01T11:39:12.197863Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
[none]
Details

Leantime before versions 2.0.15 and 2.1-beta3 has a SQL injection vulnerability. The impact is high: malicious users or attackers can execute arbitrary SQL queries that compromise the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data such as the users' and administrators' password hashes, modify data, or drop tables. The unescaped parameter is "searchUsers" when sending a POST request to "/tickets/showKanban" with a valid session; in the code, the parameter is named "users" in class.tickets.php. This issue is fixed in versions 2.0.15 and 2.1.0 beta 3.

References

Affected packages

Git / github.com/leantime/leantime

Affected ranges

Type
GIT
Repo
https://github.com/leantime/leantime
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

v0.*

v0.9.5-alpha

v2.*

v2.0
v2.0.1
v2.0.10
v2.0.11
v2.0.12
v2.0.13
v2.0.14
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v2.0.9
v2.1-beta
v2.1-beta2