CVE-2026-59713 - Leantime - OIDC Login CSRF via Unconditional State Verification Stub
CVE ID :CVE-2026-59713 Published : July 6, 2026, 9:16 p.m. | 1 hour, 57 minutes ago Description :Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs...