CVE-2021-30163

CVE-2021-30163

EPSS 1.2%

Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html https://www.redmine.org/projects/redmine/wiki/Security_Advisories