CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47258
https://notcve.org/view.php?id=CVE-2023-47258
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS en un formateador Markdown. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47259
https://notcve.org/view.php?id=CVE-2023-47259
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS en el formateador textil. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47260
https://notcve.org/view.php?id=CVE-2023-47260
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS mediante miniaturas. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44637
https://notcve.org/view.php?id=CVE-2022-44637
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user. Redmine anterior a 4.2.9 y 5.0.x anterior a 5.0.4 permite XSS persistente en su formateador Textil debido a una sanitización inadecuada en los campos formateados en Redcloth3 Textile. Dependiendo de la configuración, esto podría requerir iniciar sesión como usuario registrado. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-44031
https://notcve.org/view.php?id=CVE-2022-44031
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields. Redmine anterior a 4.2.9 y 5.0.x anterior a 5.0.4 permite XSS persistente en su formateador Textil debido a una sanitización inadecuada de la sintaxis de citas en bloque en campos con formato Textil. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •