CVE-2017-15569

Published: Oct 18, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.redmine.org/projects/redmine/wiki/Security_Advisories

x_refsource_CONFIRM

DSA-4191

vendor-advisory

x_refsource_DEBIAN

https://www.redmine.org/issues/27186

x_refsource_CONFIRM

https://github.com/redmine/redmine/commit/56c8ee0440d8555aa7822d947ba9091c8a791508

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15569

Description

Affected Products

References