8 matches found
CVE-2025-4011
creationtimestamp| type| source ---|---|--- 2025-04-28 09:40:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuhxixa4c2v 2025-04-28 13:13:38+00:00| seen| https://t.me/cvedetector/23901...
CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011 Redmine Custom Query cross site scripting
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011
CVE-2025-4011 affects Redmine versions 6.0.0–6.0.3, where the unknown code path in the Custom Query Handler improperly handles the argument named “Name”, enabling remote Cross‑Site Scripting (XSS) . The impact is limited to client-side execution and depends on user interaction as described by the...
CVE-2025-4011 Redmine Custom Query cross site scripting
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...
CVE-2025-4011
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to...