CVE-2021-29274 log
Source |
|
Severity | High |
Remote | Yes |
Type | Cross-site scripting |
Description | Redmine 4.1.x before 4.1.2 allows cross-site scripting (XSS) because an issue's subject is mishandled in the auto complete tip. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1743 | redmine | 4.1.1-2 | 4.2.1-1 | Critical | Fixed | FS#70203 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
19 May 2021 | ASA-202105-1 | AVG-1743 | redmine | Critical | multiple issues |
References |
---|
https://www.redmine.org/projects/redmine/wiki/Security_Advisories https://www.redmine.org/issues/33846 https://github.com/redmine/redmine/commit/bbfade972865e78e4d865af2cdb93e6cb57d5a45 |