Unrated severityNVD Advisory· Published Apr 28, 2021· Updated Aug 3, 2024
CVE-2021-31865
CVE-2021-31865
Description
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments.
Affected products
2- Redmine/Redminedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- lists.debian.org/debian-lts-announce/2021/05/msg00013.htmlmitremailing-listx_refsource_MLIST
- www.redmine.org/news/131mitrex_refsource_MISC
- www.redmine.org/projects/redmine/wiki/Security_Advisoriesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.