CVE-2015-8537

CVE-2015-8537

EPSS 1.9%

app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56 http://www.debian.org/security/2016/dsa-3529 http://www.redmine.org/news/103