Product: redmine
51 known vulnerabilities across versions
Vulnerabilities are listed by affected version, each CVE paired with the version range it affects and its summary.
CVE-2023-47260 (< 4.2.11): Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails.
CVE-2023-47259 (< 4.2.11): Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter.
CVE-2023-47258 (< 4.2.11): Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter.
CVE-2022-44637 (< 4.2.9): Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redclot
CVE-2022-44031 (< 4.2.9): Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blo
CVE-2022-44030 (>= 5.0.0 and <= 5.0.3): Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission check
CVE-2021-42326 (< 4.1.5): Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter
CVE-2021-37156 (all versions): Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, b
CVE-2021-31866 (< 4.0.9): Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing ti
CVE-2021-31865 (< 4.0.9): Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of upl
CVE-2021-31864 (< 4.0.9): Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission require
CVE-2021-31863 (< 4.0.9): Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.
CVE-2021-30164 (< 4.0.8): Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging th
CVE-2021-30163 (< 4.0.8): Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details ex
CVE-2020-36308 (< 4.0.7): Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV ex
CVE-2020-36307 (< 4.0.7): Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links.
CVE-2020-36306 (< 4.0.7): Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field.
CVE-2019-25026 (< 3.4.13): Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting.
CVE-2021-29274 (>= 4.1.0 and < 4.1.2): Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip.
CVE-2019-18890 (< 3.3.10): A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected informatio
CVE-2019-17427 (< 3.4.11): In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors.
CVE-2017-18026 (< 3.2.9): Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial
CVE-2017-16804 (< 3.2.7): In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is
CVE-2017-15577 (<= 3.2.5): Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows remote attackers to obtain sensit
CVE-2017-15576 (<= 3.2.5): Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views, which allows remote attackers to ob
CVE-2017-15575 (<= 3.2.5): In Redmine before 3.2.6 and 3.3.x before 3.3.3, Redmine.pm lacks a check for whether the Repository module is enabled in a project
CVE-2017-15574 (<= 3.2.5): In Redmine before 3.2.6 and 3.3.x before 3.3.3, stored XSS is possible by using an SVG document as an attachment.
CVE-2017-15573 (<= 3.2.5): In Redmine before 3.2.6 and 3.3.x before 3.3.3, XSS exists because markup is mishandled in wiki content.
CVE-2017-15572 (<= 3.2.5): In Redmine before 3.2.6 and 3.3.x before 3.3.3, remote attackers can obtain sensitive information (password reset tokens) by readi
CVE-2017-15571 (<= 3.2.7): In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted col
CVE-2017-15570 (<= 3.2.7): In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/timelog/_list.html.erb via crafted co
CVE-2017-15569 (<= 3.2.7): In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/queries_helper.rb via a multi-value
CVE-2017-15568 (<= 3.2.7): In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/application_helper.rb via a multi-v
CVE-2016-10515 (<= 3.2.2): In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepage
CVE-2015-8477 (<= 2.6.1): Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML vi
CVE-2015-8537 (<= 2.6.8): app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to ob
CVE-2015-8474 (<= 2.6.6): Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller.rb in Redmine before 2.6.7, 3
CVE-2015-8473 (<= 2.6.7): The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sen
CVE-2015-8346 (<= 2.6.7): app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to ob
CVE-2013-4663 (all versions): git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via she
CVE-2014-1985 (<= 2.4.4): Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine befor
CVE-2011-4929 (all versions): Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to exec
CVE-2011-4928 (<= 1.0.4): Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitr
CVE-2011-4927 (all versions): Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obta
CVE-2012-2054 (<= 1.3.1): Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote
CVE-2012-0327 (<= 1.3.1): Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML vi
CVE-2011-1723 (all versions): Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to
CVE-2009-4459 (<= 0.8.7): Redmine 0.8.7 and earlier uses the title tag before defining the character encoding in a meta tag, which allows remote attackers t
CVE-2009-4079 (<= 0.8.5): Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication
CVE-2009-4078 (<= 0.8.5): Multiple cross-site scripting (XSS) vulnerabilities in Redmine 0.8.5 and earlier allow remote attackers to inject arbitrary web sc
CVE-2008-4481 (<= 0.7.2): Cross-site scripting (XSS) vulnerability in Redmine 0.7.2 and earlier allows remote attackers to inject arbitrary web script or HT