The vulnerability of the Markdown component in the Redmine project and task management web application, which allows a hacker to perform cross-site scripting attacks

The vulnerability of the Markdown component in the Redmine project and task management web application exists due to the lack of measures taken to protect the structure of the web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

JVN#93004610: Redmine vulnerable to open redirect

Redmine is a project management software. Redmine contains an open redirect vulnerability due to insufficient checking of the URL parameter. Impact A user who logs into Redmine may be redirected to an arbitrary website. As a result, the user may become a victim of a phishing attack. Solution Upda...

JVN#87341298 Redmine vulnerable to cross-site request forgery

Redmine is a project management software. Redmine contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged into Redmine, an arbitrary ticket may be deleted. Solution Update the Software Update to the latest version according to the information...