Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8477

Опубликовано: 23 мая 2017
Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
redminefixed3.0~20140825-5package
redmineend-of-lifesqueezepackage
redmineend-of-lifewheezypackage

Примечания

  • https://www.redmine.org/projects/redmine/wiki/Changelog_2_6

  • https://www.redmine.org/projects/redmine/wiki/Security_Advisories

  • https://www.redmine.org/issues/19117

  • https://github.com/redmine/redmine/commit/a1f40686ba43d121cbc8c095d2f8cc4095e70352#diff-847ef9328e260b1b93fd165d072b072d

Связанные уязвимости

ubuntu логотип

CVE-2015-8477

CVSS3: 6.1
ubuntu
больше 8 лет назад

Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.

nvd логотип

CVE-2015-8477

CVSS3: 6.1
nvd
больше 8 лет назад

Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.

github логотип

GHSA-2m2q-2ghr-grp8

CVSS3: 6.1
github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.