---

CVE-2021-29274 - log back

CVE-2021-29274 edited at 06 Apr 2021 09:48:21
References	https://www.redmine.org/projects/redmine/wiki/Security_Advisories https://www.redmine.org/issues/33846 - https://github.com/redmine/redmine/commit/35f5165c2dfc0364514541d38840e12024e2bc91 + https://github.com/redmine/redmine/commit/bbfade972865e78e4d865af2cdb93e6cb57d5a45

CVE-2021-29274 edited at 06 Apr 2021 09:46:39
References	+ https://www.redmine.org/projects/redmine/wiki/Security_Advisories https://www.redmine.org/issues/33846 https://github.com/redmine/redmine/commit/35f5165c2dfc0364514541d38840e12024e2bc91

CVE-2021-29274 edited at 29 Mar 2021 08:25:22
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Cross-site scripting
Description	+ Redmine 4.1.x before 4.1.2 allows cross-site scripting (XSS) because an issue's subject is mishandled in the auto complete tip.
References	+ https://www.redmine.org/issues/33846 + https://github.com/redmine/redmine/commit/35f5165c2dfc0364514541d38840e12024e2bc91
Notes

CVE-2021-29274 created at 29 Mar 2021 08:22:04