Kimai is vulnerable to Insufficient Granularity of Access Control. This vulnerability is due to the view_other_timesheet permission between the UI and API performing differently, leading to unauthorized access to timesheet…Read More