Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redmine redmine 4.2.0 |
||
redmine redmine 4.2.1 |