EUVD-2025-12569

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-4011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom...

CVE-2025-4011

A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...

CVE-2025-4011

A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...

DEBIAN-CVE-2025-4011

A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...

UBUNTU-CVE-2025-4011

A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...

CVE-2025-4011 Redmine Custom Query cross site scripting

A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...

CVE-2025-4011

CVE-2025-4011 affects Redmine versions 6.0.0–6.0.3, where the unknown code path in the Custom Query Handler improperly handles the argument named “Name”, enabling remote Cross‑Site Scripting (XSS) . The impact is limited to client-side execution and depends on user interaction as described by the...

Redmine 代码注入漏洞

Redmine is an open source set of open source Web-based project management and defect tracking tools from Redmine Open Source. The product provides features such as project management, issue tracking and role-based access control. A code injection vulnerability exists in Redmine versions 6.0.0,...

PT-2025-18051 · Redmine · Redmine

Name of the Vulnerable Software and Affected Versions: Redmine versions 6.0.0 through 6.0.3 Description: A vulnerability has been found in the Custom Query Handler component, affecting unknown code. The manipulation of the Name argument leads to cross-site scripting. The attack can be initiated...