oss-sec mailing list archives
Unpatched XSS in Redmine 4.1
From: sjw () gmx ch
Date: Thu, 19 Nov 2020 14:51:06 +0000
Hi,

This is a heads-up about a public, unpatched XSS vulnerability in Redmine 4.1. About 3 months ago, a public issue [1] was reported in the Redmine bug tracker regarding unsanitized HTML tags. This basically means that you can inject any HTML code in issue titles, including JavaScript. I've successfully verified this on Redmine 4.1. There's an (untested) patch attached in the issue.

I've also sent this to the Redmine security team, but since there has been no response from the maintainers so far and the issue has already been public for a long time, I'm posting this here to make people aware of it.

Best regards

[1] https://redmine.org/issues/33846