VULNMAP - Security Vulnerabilities

CVE
2025-28221
View CVE 2025-28221

Public CVE-2025-28221 disclosure

Cross Site Scripting vulnerability in Leantime v3.2.1 and before allows an authenticated attacker to execute arbitrary code and obtain sensitive information via the first name field in processMentions().

Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.

🕰️ View on Wayback Machine 🔍 Search on Google NVD Database CVE.ORG Database
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.