{"id":"CVE-2017-15571","details":"In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/views/issues/_list.html.erb via crafted column data.","modified":"2026-04-10T03:57:31.098984Z","published":"2017-10-18T02:29:00.407Z","references":[{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4191"},{"type":"REPORT","url":"https://www.redmine.org/issues/27186"},{"type":"FIX","url":"https://github.com/redmine/redmine/commit/273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa"},{"type":"FIX","url":"https://www.redmine.org/projects/redmine/wiki/Security_Advisories"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/redmine/redmine","events":[{"introduced":"0"},{"last_affected":"fb97158c976c41911e3e875136b21055c294084e"},{"introduced":"0"},{"last_affected":"6655bc6d4049a948d35986416c1912c810012ff0"},{"introduced":"0"},{"last_affected":"93cd8829a79fb3b9e354a0589bf8c354247af11e"},{"introduced":"0"},{"last_affected":"7827d9cdf8c0f198b776bcd88881a57d83390ee1"},{"introduced":"0"},{"last_affected":"7068d29898fed73f977e85987ee187f82384b72e"},{"introduced":"0"},{"last_affected":"d357acec85c4bf3621ac549e3e3c809a984528ee"},{"introduced":"0"},{"last_affected":"c6e341a59b705eb40b4b102c699344fef15f0cad"},{"introduced":"0"},{"last_affected":"c4b35955103291b5f1a290360bcb5aecb0c06aa5"},{"introduced":"0"},{"last_affected":"72bd36c647b514d37c7761db5ae2f54cda70b569"},{"fixed":"273dd9cb3bcfb1e0a0b90570b3b34eafa07d67aa"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.2.7"},{"introduced":"0"},{"last_affected":"3.3.0"},{"introduced":"0"},{"last_affected":"3.3.1"},{"introduced":"0"},{"last_affected":"3.3.2"},{"introduced":"0"},{"last_affected":"3.3.3"},{"introduced":"0"},{"last_affected":"3.3.4"},{"introduced":"0"},{"last_affected":"3.4.0"},{"introduced":"0"},{"last_affected":"3.4.1"},{"introduced":"0"},{"last_affected":"3.4.2"}]}}],"versions":["3.2.7","3.3.0","3.3.1","3.3.2","3.3.3","3.3.4","3.4.0","3.4.1","3.4.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-15571.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}