Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-42326 - log back

CVE-2021-42326 edited at 13 Oct 2021 08:52:08

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Information disclosure

Description

+	Redmine before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.

References

+	https://www.redmine.org/projects/redmine/wiki/Security_Advisories
+	https://www.redmine.org/issues/35789
+	https://github.com/redmine/redmine/commit/3fd9787e43f7092490e7f0ce36900bbeafd4921b

Notes

CVE-2021-42326 created at 13 Oct 2021 08:47:55