Fernando Hartmann

**Nome do software vulnerável e versões afetadas: Versões 4.1.0 a 4.1.1 do Redmine Descrição: O problema decorre do tratamento incorreto do assunto de uma solicitação na sugestão de preenchimento automático, levando a um potencial ataque XSS. Recomendações: Para as versões 4.1.0 a 4.1.1, atualize para a versão 4.1.2 ou posterior para resolver o problema.

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions 3.0.x, 3.5, and 3.5.1 **Description** The issue allows remote attackers to cause a denial of service, resulting in an uncaught exception and application crash, via a long Unicode string argument to the `write` method. This issue was initially reported as a stack-based buffer overflow. **Recommendations** For Mozilla Firefox versions 3.0.x, 3.5, and 3.5.1, consider avoiding the use of long Unicode strings in the `write` method until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.