CVE-2012-0327

Redmine <1.3.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (4)

[Third Party Advisory] http://jvn.jp/en/jp/JVN93406632/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2012-000025

[Various Sources] http://www.redmine.org/versions/42

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/52447

Scores

EPSS 0.0036

EPSS Percentile 57.7%

Classification

CWE

CWE-79

Status published

Affected Products (50)

redmine/redmine < 1.3.1

redmine/redmine

... and 35 more

Timeline

Published Apr 05, 2012

Tracked Since Feb 18, 2026