CVE-2009-4078

Redmine <0.8.5 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Redmine 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (9)

Scores

EPSS 0.0070
EPSS Percentile 71.9%

Classification

CWE
CWE-79
Status published

Affected Products (28)

redmine/redmine < 0.8.5
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
redmine/redmine
... and 13 more

Timeline

Published Nov 25, 2009
Tracked Since Feb 18, 2026