Redmine · Redmine · CVE-2025-4011
**Name of the Vulnerable Software and Affected Versions**
Redmine versions 6.0.0 through 6.0.3
**Description**
A vulnerability has been found in the Custom Query Handler component; the specific affected code is not known. Manipulating the `Name` argument leads to cross-site scripting (XSS). The attack can be initiated remotely.
**Recommendations**
For versions 6.0.0 through 6.0.3, upgrade to version 6.0.4 to address this issue.
As a temporary workaround, consider restricting the manipulation of the `Name` argument in the Custom Query Handler component until the upgrade is applied.