CVE-2021-42326 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Information disclosure |
| Description | Redmine before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2462 | redmine | 4.2.2-2 | 4.2.3-1 | Medium | Fixed | FS#72728 |
| References |
|---|
https://www.redmine.org/projects/redmine/wiki/Security_Advisories https://www.redmine.org/issues/35789 https://github.com/redmine/redmine/commit/3fd9787e43f7092490e7f0ce36900bbeafd4921b |