Lucene search
Japan Vulnerability NotesJVN:87341298HistoryNov 19, 2009 - 12:00 a.m.
JVN#87341298 Redmine vulnerable to cross-site request forgery
2009-11-1900:00:00
Japan Vulnerability Notes
jvn.jp
16
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.6%
Redmine is a project management software. Redmine contains a cross-site request forgery vulnerability.
Impact
If a user views a malicious page while logged into Redmine, an arbitrary ticket may be deleted.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Redmine 0.8.5 and earlier
Related
prion
prion
Cross site request forgery (csrf)
2009-11-25 22:00:00
ubuntucve
ubuntucve
CVE-2009-4079
2009-11-25 00:00:00
cve
cve
CVE-2009-4079
2009-11-25 22:00:00
debiancve
debiancve
CVE-2009-4079
2009-11-25 22:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
70.6%
Related for JVN:87341298