Insufficient input validation in the Git repository integration of Redmine prior to 4.0.9, 4.1.x prior to 4.1.3, and 4.2.x prior to 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redmine redmine |
||
debian debian linux 9.0 |