EPSS
Percentile
17.0%
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter.
www.redmine.org/projects/redmine/wiki/Security_Advisories