Unrated severityNVD Advisory· Published Apr 6, 2021· Updated Aug 3, 2024
CVE-2021-30164
CVE-2021-30164
Description
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API.
Affected products
2- Redmine/Redminedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.debian.org/debian-lts-announce/2021/05/msg00013.htmlmitremailing-listx_refsource_MLIST
- www.redmine.org/projects/redmine/wiki/Security_Advisoriesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.