CVE-2020-36306

CVE-2020-36306

EPSS 0.7%

Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html https://www.redmine.org/projects/redmine/wiki/Security_Advisories