2 matches found
CVE-2009-4078
Multiple cross-site scripting XSS vulnerabilities in Redmine 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-4078
CVE-2009-4078 affects Redmine 0.8.5 and earlier, due to multiple cross-site scripting (XSS) vulnerabilities. An attacker can cause a user’s browser to execute arbitrary script, potentially leaking cookies and enabling session hijacking. The underlying issue is XSS in Redmine’s web UI, with vector...