4 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36306
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the backurl field. CVE-2020-36306 Note that Nessus relies on the presence of the package as reported by...
CVE-2021-29274
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...
CVE-2021-29274
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...
CVE-2021-29274
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...