4 matches found
CVE-2015-8477
Cross-site scripting XSS vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering...
CVE-2015-8477
CVE-2015-8477 affects Redmine prior to 2.6.2, where a cross-site scripting (XSS) vulnerability exists in the rendering of flash messages. The underlying issue is improper sanitization of user-controlled content within message rendering, enabling an attacker to inject arbitrary HTML/JavaScript. Im...
CVE-2015-8477
Cross-site scripting XSS vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering...
CVE-2015-8477
Cross-site scripting XSS vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering...