CVE-2019-18890

Published November 21st, 2019

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query.

RealLinkers/CVE-2019-18890

CVE-2019-18890 POC (Proof of Concept)

GitHub