← volver
CVE-2015-8473

CVE-2015-8473

EPSS 1.7%
The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22https://www.redmine.org/issues/21136https://www.redmine.org/projects/redmine/wiki/Changelog_3_0https://www.redmine.org/projects/redmine/wiki/Changelog_3_1https://www.redmine.org/versions/105http://www.debian.org/security/2016/dsa-3529http://www.securityfocus.com/bid/78621