← voltar
CVE-2015-8473

CVE-2015-8473

EPSS 1.7%
The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22https://www.redmine.org/issues/21136https://www.redmine.org/projects/redmine/wiki/Changelog_3_0https://www.redmine.org/projects/redmine/wiki/Changelog_3_1https://www.redmine.org/versions/105http://www.debian.org/security/2016/dsa-3529http://www.securityfocus.com/bid/78621