Vulnerabilities > Redmine > Redmine > 2.6.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-18 | CVE-2016-10515 | Cross-site Scripting vulnerability in Redmine In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages. | 4.3 |
| 2016-04-12 | CVE-2015-8537 | Information Exposure vulnerability in multiple products app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed. | 5.0 |