Unrated severityNVD Advisory· Published Oct 12, 2021· Updated Aug 4, 2024
CVE-2021-42326
CVE-2021-42326
Description
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
Affected products
2- Redmine/Redminedescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.debian.org/debian-lts-announce/2021/10/msg00013.htmlmitremailing-listx_refsource_MLIST
- www.redmine.org/news/133mitrex_refsource_MISC
- www.redmine.org/projects/redmine/wiki/Changelog_4_1mitrex_refsource_MISC
- www.redmine.org/projects/redmine/wiki/Changelog_4_2mitrex_refsource_MISC
- www.redmine.org/projects/redmine/wiki/Security_Advisoriesmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.