AVG-2462 log

Package redmine
Status Vulnerable
Severity Medium
Type information disclosure
Affected 4.2.2-2
Fixed Unknown
Current 4.2.2-2 [community]
Ticket Create
Created Wed Oct 13 08:47:55 2021
Issue Severity Remote Type Description
CVE-2021-42326 Medium Yes Information disclosure
Redmine before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.