POC / CVE-2024-27474.md
Generate a CSRF payload that sets the role value to 50 (Global Administrator).
![image](https://github.com/dead1nfluence/Leantime-POC/assets/152615382/5c247260-7a29-44f9-aa43-0c913eb71b91)

Lure the administrator to click a button on an attacker-controlled domain. 
![image](https://github.com/dead1nfluence/Leantime-POC/assets/152615382/b0295d6a-1700-4543-bae1-163b42f5f7f8)

Profit??

![image](https://github.com/dead1nfluence/Leantime-POC/assets/152615382/ac0b3626-2db8-4bd8-a02a-221a15e6cbb1)