Medium severity6.1NVD Advisory· Published May 23, 2017· Updated Jun 17, 2026
CVE-2015-8477
CVE-2015-8477
Description
Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
5- www.redmine.org/issues/19117nvdPatchVendor Advisory
- www.openwall.com/lists/oss-security/2015/12/05/7nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2015/12/05/8nvdMailing ListThird Party Advisory
- www.redmine.org/projects/redmine/wiki/Security_AdvisoriesnvdVendor Advisory
- www.redmine.org/projects/redmine/repository/entry/tags/2.6.2/doc/CHANGELOGnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.