Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redmine vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2017-15575
In Redmine prior to 3.2.6 and 3.3.x prior to 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project's settings, which might allow remote malicious users to obtain sensitive differences information or possibly have unspecified other impact.
Redmine Redmine 3.3.0
Redmine Redmine 3.3.1
Redmine Redmine 3.3.2
Redmine Redmine
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-15576
Redmine prior to 3.2.6 and 3.3.x prior to 3.3.3 mishandles Time Entry rendering in activity views, which allows remote malicious users to obtain sensitive information.
Redmine Redmine
Redmine Redmine 3.3.0
Redmine Redmine 3.3.1
Redmine Redmine 3.3.2
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2017-15577
Redmine prior to 3.2.6 and 3.3.x prior to 3.3.3 mishandles the rendering of wiki links, which allows remote malicious users to obtain sensitive information.
Redmine Redmine 3.3.1
Redmine Redmine 3.3.2
Redmine Redmine
Redmine Redmine 3.3.0
Debian Debian Linux 9.0
1 Github repository
6.1
CVSSv3
CVE-2017-15568
In Redmine prior to 3.2.8, 3.3.x prior to 3.3.5, and 3.4.x prior to 3.4.3, XSS exists in app/helpers/application_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of issue history.
Redmine Redmine 3.4.0
Redmine Redmine 3.4.1
Redmine Redmine 3.3.0
Redmine Redmine 3.3.2
Redmine Redmine 3.3.3
Redmine Redmine 3.3.4
Redmine Redmine
Redmine Redmine 3.4.2
Redmine Redmine 3.3.1
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2017-15569
In Redmine prior to 3.2.8, 3.3.x prior to 3.3.5, and 3.4.x prior to 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list.
Redmine Redmine
Redmine Redmine 3.3.1
Redmine Redmine 3.3.3
Redmine Redmine 3.4.0
Redmine Redmine 3.4.1
Redmine Redmine 3.4.2
Redmine Redmine 3.3.0
Redmine Redmine 3.3.2
Redmine Redmine 3.3.4
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2017-15570
In Redmine prior to 3.2.8, 3.3.x prior to 3.3.5, and 3.4.x prior to 3.4.3, XSS exists in app/views/timelog/_list.html.erb via crafted column data.
Redmine Redmine 3.4.1
Redmine Redmine 3.4.2
Redmine Redmine 3.3.0
Redmine Redmine 3.3.1
Redmine Redmine 3.4.0
Redmine Redmine 3.3.2
Redmine Redmine 3.3.4
Redmine Redmine 3.3.3
Redmine Redmine
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2017-15571
In Redmine prior to 3.2.8, 3.3.x prior to 3.3.5, and 3.4.x prior to 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.
Redmine Redmine 3.4.0
Redmine Redmine 3.3.4
Redmine Redmine 3.4.2
Redmine Redmine 3.3.0
Redmine Redmine 3.3.1
Redmine Redmine 3.3.2
Redmine Redmine 3.4.1
Redmine Redmine 3.3.3
Redmine Redmine
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2016-10515
In Redmine prior to 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages.
Redmine Redmine
6.1
CVSSv3
CVE-2015-8477
Cross-site scripting (XSS) vulnerability in Redmine prior to 2.6.2 allows remote malicious users to inject arbitrary web script or HTML via vectors involving flash message rendering.
Redmine Redmine
5.3
CVSSv3
CVE-2015-8537
app/views/journals/index.builder in Redmine prior to 2.6.9, 3.0.x prior to 3.0.7, and 3.1.x prior to 3.1.3 allows remote malicious users to obtain sensitive information by viewing an Atom feed.
Debian Debian Linux 8.0
Redmine Redmine
Redmine Redmine 3.0.3
Redmine Redmine 3.0.0
Redmine Redmine 3.1.2
Redmine Redmine 3.1.1
Redmine Redmine 3.0.6
Redmine Redmine 3.0.5
Redmine Redmine 3.1.0
Redmine Redmine 3.0.4
Redmine Redmine 3.0.2
Redmine Redmine 3.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »