{"id":"CVE-2015-8537","details":"app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote attackers to obtain sensitive information by viewing an Atom feed.","modified":"2026-04-10T03:46:31.578346Z","published":"2016-04-12T14:59:06Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3529"},{"type":"ADVISORY","url":"http://www.redmine.org/news/103"},{"type":"FIX","url":"http://www.redmine.org/news/103"},{"type":"FIX","url":"https://github.com/redmine/redmine/commit/7e423fb4538247d59e01958c48b491f196a1de56"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}