Redmine prior to 4.0.9, 4.1.x prior to 4.1.3, and 4.2.x prior to 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redmine redmine |
||
debian debian linux 9.0 |