CVE-2021-30164

Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the addissuenotes permission requirement by leveraging the Issues API...

CVE-2021-30164

CVE-2021-30164 affects Redmine's Issues API authorization, allowing bypass of add_issue_notes permission. Affected: Redmine < 4.0.8 and 4.1.x