• info
• discussion
• exploit
• solution
• references

Redmine Cross Site Scripting And Request Forgery Remote Vulnerabilities

An attacker can use a browser to exploit these issues. The attacker must entice an unsuspecting user to follow a malicious URI.