Redmine prior to 4.0.7 and 4.1.x prior to 4.1.1 allows malicious users to discover the subject of a non-visible issue by performing a CSV export and reading time entries.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redmine redmine |
||
debian debian linux 9.0 |