3 matches found
Debian DSA-4191-1 : redmine - security update
Multiple vulnerabilities were discovered in Redmine, a project management web application. They could lead to remote code execution, information disclosure or cross-site scripting attacks. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2017-15576
Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to obtain sensitive information...
CVE-2017-15576
CVE-2017-15576 affects Redmine before 3.2.6 and 3.3.x before 3.3.3. The issue arises from mishandling Time Entry rendering in activity views, enabling remote disclosure of sensitive information. The vulnerability is labeled as information disclosure with CVSSv3 base score 7.5 (NETWORK, LOW attack...