CVE-2021-29274

CVE-2021-29274

EPSS 0.8%

Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.redmine.org/issues/33846 https://www.redmine.org/projects/redmine/wiki/Security_Advisories