1
Candidate: CVE-2017-15570
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15570
5
https://www.redmine.org/projects/redmine/wiki/Security_Advisories
6
https://www.redmine.org/issues/27186 (private)
7
https://github.com/redmine/redmine/commit/1a0976417975a128b0a932ba1552c37e9414953b
8
https://www.redmine.org/issues/27186
10
In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS
11
exists in app/views/timelog/_list.html.erb via crafted column data.
21
upstream_redmine: needs-triage
22
precise/esm_redmine: DNE
23
trusty_redmine: needs-triage
24
xenial_redmine: needs-triage
25
zesty_redmine: ignored (reached end-of-life)
26
artful_redmine: released (3.3.1-4+deb9u1build0.17.10.1)
27
bionic_redmine: not-affected (3.4.4-1)
28
devel_redmine: not-affected (3.4.4-1)