CVE-2015-8346
MEDIUM5.3EPSS 0.46%redmine - security update
Published: 4/12/2016Modified: 4/28/2026
Also known as:DEBIAN-CVE-2015-8346
Description
app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the time logging form.
Affected packages (3)
- Debian/redminefrom 0, < 3.2.0-1
- Debian/redminefrom 0, < 1.0.1-2+deb6u11
- Debian/redminefrom 0, < 3.0~20140825-8~deb8u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |