42 results (0.002 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS en un formateador Markdown. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS en el formateador textil. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails. Redmine anterior a 4.2.11 y 5.0.x anterior a 5.0.6 permite XSS mediante miniaturas. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user. Redmine anterior a 4.2.9 y 5.0.x anterior a 5.0.4 permite XSS persistente en su formateador Textil debido a una sanitización inadecuada en los campos formateados en Redcloth3 Textile. Dependiendo de la configuración, esto podría requerir iniciar sesión como usuario registrado. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields. Redmine anterior a 4.2.9 y 5.0.x anterior a 5.0.4 permite XSS persistente en su formateador Textil debido a una sanitización inadecuada de la sintaxis de citas en bloque en campos con formato Textil. • https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •