Vulnerability Database
Blog
FAQ
Docs
BIT-redmine-2023-47260
See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/redmine/BIT-redmine-2023-47260.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-redmine-2023-47260
Aliases
CVE-2023-47260
Published
2024-03-06T11:03:25.002Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails.
References
https://www.redmine.org/projects/redmine/wiki/Security_Advisories
Affected packages
Bitnami
/
redmine
Package
Name
redmine
Purl
pkg:bitnami/redmine
Severity
6.1 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
4.2.11
Introduced
5.0.0
Fixed
5.0.6
BIT-redmine-2023-47260 - OSV