Analyzing Leantime XSS for the fun time - Diving into CVE-2024-27477 for a beginner!

CVEs

6.1 Medium Severity

Summary

Leantime is an open-source project: a simple yet feature-rich management system aimed at non-project managers. Version 3.0.6 is vulnerable to a Cross-Site Scripting vulnerability within the ticket creation and modification functionality, which allows attackers to inject malicious JavaScript code into the title field of tickets (also known as To-Dos). In this post, we will dive into this vulnerability and exploit it from an attacker's perspective. Besides the PoC and vulnerability confirmation, the post covers potential attack avenues an attacker could take. We then switch hats and examine the same vulnerability through source code review, pinpointing the exact line of code that caused the issue and the exact line that fixed it. Lastly, I leave you with some tips on the mindset to adopt while developing code.

@secatgourity