Lucene search
K

5 matches found

NVD
NVD
added 2012/04/05 2:55 p.m.17 views

CVE-2012-0327

Cross-site scripting XSS vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.5AI score0.01822EPSS
Exploits0References4
OSV
OSV
added 2012/04/05 2:55 p.m.3 views

CVE-2012-0327

Cross-site scripting XSS vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.5AI score
Exploits0References4
Prion
Prion
added 2012/04/05 2:55 p.m.16 views

Security feature bypass

Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the 1 Comment, 2 Document, 3 IssueCategory, 4 MembersController, 5 Message, 6 News, 7 TimeEntry, 8 Version, 9 Wiki, 10 UserPreference, o...

5CVSS6.7AI score0.0209EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2012/04/04 10:0 a.m.62 views

CVE-2012-0327

The supplied connected documents confirm a vulnerability in Redmine before 1.3.2 described as a Cross-site scripting (XSS) flaw that lets remote attackers inject arbitrary web script or HTML via unspecified vectors. Affected software: Redmine prior to version 1.3.2. Root cause: XSS vulnerability ...

4.3CVSS5.5AI score0.01822EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2012/04/04 10:0 a.m.20 views

CVE-2012-0327

Cross-site scripting XSS vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01822EPSS
Exploits0
Rows per page
Query Builder