Skip to content

Kimai: Login CSRF in Default Team Creation Endpoints Allows Unauthorized Team and Permission Structure Changes

Moderate severity GitHub Reviewed Published Jun 3, 2026 in kimai/kimai • Updated Jul 13, 2026

No open alerts for this advisory

Give feedback on Dependabot alerts