CVE-2015-8346
N/A
N/A
Summary
app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the time logging form.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.redmine.org/issues/21150
- http://www.redmine.org/news/102
- http://www.debian.org/security/2016/dsa-3529
- https://github.com/redmine/redmine/commit/c096dde88ff02872ba35edc4dc403c80a7867b5c
References
- https://www.redmine.org/issues/21150
- http://www.redmine.org/news/102
- http://www.debian.org/security/2016/dsa-3529
- https://github.com/redmine/redmine/commit/c096dde88ff02872ba35edc4dc403c80a7867b5c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.