Sensitive Information Disclosure in Redmine Issues API

Sensitive Information Disclosure in Redmine Issues API

CVE-2015-8473 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.

Learn more about our Api Penetration Testing.