2 matches found
CVE-2015-8537
app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed...
CVE-2015-8537
CVE-2015-8537 : Redmine versions prior to 2.6.9, 3.0.x prior to 3.0.7, and 3.1.x prior to 3.1.3 expose sensitive information through viewing an Atom feed. Root cause is information disclosure via Atom feed handling. Remediation per sources: upgrade to fixed Redmine releases (e.g., Debian advisory...