The Issues API in Redmine prior to 2.6.8, 3.0.x prior to 3.0.6, and 3.1.x prior to 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
redmine redmine 3.1.0 |
||
redmine redmine 3.1.1 |
||
redmine redmine 3.0.4 |
||
redmine redmine 3.0.2 |
||
redmine redmine 3.0.0 |
||
redmine redmine 3.0.1 |
||
redmine redmine |
||
redmine redmine 3.0.5 |
||
redmine redmine 3.0.3 |