CVE-2015-8537

Sažetak

app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.

Reference

http://www.debian.org/security/2016/dsa-3529
http://www.redmine.org/news/103
https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-04-2016 - 19:42

Objavljeno

12-04-2016 - 14:59