VYPR
Medium severity4.3NVD Advisory· Published Apr 12, 2016· Updated Jun 17, 2026

CVE-2015-8473

CVE-2015-8473

Description

The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • Redmine/Redmine10 versions
    cpe:2.3:a:redmine:redmine:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:redmine:redmine:*:*:*:*:*:*:*:*range: <=2.6.7
    • cpe:2.3:a:redmine:redmine:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redmine:redmine:3.1.1:*:*:*:*:*:*:*
    • (no CPE)range: <2.6.8, >=3.0.0 <3.0.6, >=3.1.0 <3.1.2
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.