Sensitive Information Disclosure via Atom Feed in Redmine

Sensitive Information Disclosure via Atom Feed in Redmine

CVE-2015-8537 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.

Learn more about our Web Application Penetration Testing UK.