OWASP or OTG-AUTHN-001 Sensitive Data Exposure in Redmine 4.0.4

Added by Amit Mehendale 2 months ago

We have implemented Redmine 4.0.4 recently. During VAPT security team came with an observation "Sensitive information transmitted in clear text" Earlier we used to use SAML plugin for version 2.6 which was not giving this problem.

Need guidance on resolving this.

Thanks

Amit Mehendale