CVE-2026-59713 PUBLISHED

Leantime - OIDC Login CSRF via Unconditional State Verification Stub

Assigner: VulnCheck
Reserved: 06.07.2026 Published: 06.07.2026 Updated: 07.07.2026

Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the attacker.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CVSS Score: 8.6

Product Status

Vendor Leantime
Product Leantime
Versions Default: unaffected
  • affected from 0 to 3.4.4 (incl.)

Credits

  • George Chen reporter

References

Problem Types

  • Cross-Site Request Forgery (CSRF) CWE