OWASP or OTG-AUTHN-001 Sensitive Data Exposure in Redmine 4.0.4

Added by Amit Mehendale about 1 year ago

We have implemented Redmine 4.0.4 recently. During VAPT security team came with an observation "Sensitive information transmitted in clear text" Earlier we used to use SAML plugin for version 2.6 which was not giving this problem.

Need guidance on resolving this.


Amit Mehendale