FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

redmine -- multiple vulnerabilities

Affected packages
redmine < 1.3.2

Details

VuXML ID 0e0385d1-9ed5-11e5-8f5c-002590263bf5
Discovery 2012-03-11
Entry 2015-12-10

Redmine reports:

Mass-assignment vulnerability that would allow an attacker to bypass part of the security checks.

Persistent XSS vulnerability

References

CVE Name CVE-2012-0327
URL http://jvn.jp/en/jp/JVN93406632/
URL http://www.redmine.org/projects/redmine/wiki/Security_Advisories