redmine computed custom field
i think this plugin must be by default in core redmine
all users need it
#2 Updated by Holger Just 2 months ago
- Status changed from New to Closed
- Resolution set to Wont fix
The plugin (and its various forks) rely on administrators entering raw Ruby code which is then evaluated. This effectively results in the plugin being an unmitigated remote-code-execution vulnerability which goes against the security guarantees of Redmine.
As such, this plugin will never be part of Redmine and I would strongly recommend to not use it anywhere because of the incredible security risks it brings.