Tag
CVE-2026-59713 identifies a high-severity OIDC login Cross-Site Request Forgery (CSRF) vulnerability in Leantime's verifyState() method, allowing attackers to craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation and log victims into an attacker's session.