app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the time logging form.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-04-12T14:00:00
Updated: 2016-04-12T13:57:01
Reserved: 2015-11-25T00:00:00
Link: CVE-2015-8346
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-04-12T14:59:03.147
Modified: 2016-04-20T21:08:50.180
Link: CVE-2015-8346
JSON object: View
Redhat Information
No data.
CWE