Lucene search
K

140 matches found

OSV
OSV
added 2017/10/18 2:29 a.m.4 views

DEBIAN-CVE-2016-10515

In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages...

6.1CVSS6.3AI score0.00678EPSS
Exploits0References1
OSV
OSV
added 2017/10/18 2:29 a.m.19 views

CVE-2016-10515

In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages...

6.1CVSS6.1AI score
Exploits0References1
CVE
CVE
added 2017/10/18 2:0 a.m.56 views

CVE-2016-10515

CVE-2016-10515 affects Redmine prior to 3.2.3, with stored XSS in Textile and Markdown text formatting and project homepages. The root cause is stored cross-site scripting in user-supplied formatting that can be persisted in pages rendered by Redmine. Affected software is Redmine (versions before...

6.1CVSS6.1AI score0.00678EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/10/18 2:0 a.m.20 views

CVE-2016-10515

In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages...

6.2AI score0.00678EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/10/18 2:0 a.m.28 views

CVE-2016-10515

In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages...

6.1CVSS6.3AI score0.00678EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/11 12:53 a.m.11 views

knoll.com XSS vulnerability

Vulnerable URL: https://www.knoll.com/textile-search-results?authkey==UPHOLSTERY=priceHigh=xss%22%3E%3Csvg/onload=prompt%27openbugbounty%27%3E=1347382634020=1353009381576===search Details: Description| Value ---|--- Patched:| No Latest check for patch:| 09.01.2018 Vulnerability type:| XSS...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/05/06 7:1 a.m.12 views

gamme-select.fr XSS vulnerability

Vulnerable URL: http://www.gamme-select.fr/textile/eponge-88.html?limit=16=listing=3 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3136948 VIP website status:| No Check...

6.3AI score
Exploits0
Hacker One
Hacker One
added 2017/02/11 12:44 p.m.43 views

GitLab: [Textile] XSS in project README files

Hi, Another parser bypass here – I discovered that Textile markup can be used to inject a stored JavaScript payload into a project README.textile file : Steps to Reproduce 1. Create a new GitLab project 2. Initialise the project by creating a README file 3. Set the file title to README.textile 4...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/26 12:0 a.m.29 views

Debian DLA-167-1 : redcloth security update

Kousuke Ebihara discovered that redcloth, a Ruby module used to convert Textile markup to HTML, did not properly sanitize its input. This allowed a remote attacker to perform a cross-site scripting attack by injecting arbitrary JavaScript code into the generated HTML. NOTE: Tenable Network Securi...

4.3CVSS8.4AI score0.02253EPSS
Exploits1References3
OSV
OSV
added 2015/03/07 12:0 a.m.12 views

DLA-167-1 redcloth - security update

Bulletin has no description...

4.3CVSS6.3AI score0.02253EPSS
Exploits1
Debian
Debian
added 2015/02/22 6:2 p.m.19 views

[SECURITY] [DSA 3168-1] ruby-redcloth security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3168-1 [email protected] http://www.debian.org/security/ Sebastien Delafond February 22, 2015 http://www.debian.org/security/faq -...

4.3CVSS6AI score0.02253EPSS
Exploits1
GitLab Advisory Database
GitLab Advisory Database
added 2015/01/07 12:0 a.m.32 views

Textile Link Parsing XSS

RedCloth Gem for Ruby contains a flaw that allows a cross-site scripting XSS attack. This flaw exists because the program does not validate input when parsing textile links before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute...

4.3CVSS4.7AI score0.02253EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2012/10/08 6:55 p.m.15 views

CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01832EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2012/10/08 6:55 p.m.13 views

CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01832EPSS
Exploits0References2
OSV
OSV
added 2012/10/08 6:55 p.m.4 views

DEBIAN-CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01832EPSS
Exploits0References1
Cvelist
Cvelist
added 2012/10/08 6:0 p.m.19 views

CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.6AI score0.01832EPSS
Exploits0References4
CVE
CVE
added 2012/10/08 6:0 p.m.57 views

CVE-2011-4928

The CVE-2011-4928 entry is for an XSS vulnerability in Redmine’s textile formatter prior to version 1.0.5, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. The provided documents confirm the affected component and the general impact, but do not include con...

4.3CVSS5.7AI score0.01832EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2012/10/08 6:0 p.m.21 views

CVE-2011-4928

Cross-site scripting XSS vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.6AI score0.01832EPSS
Exploits0
securityvulns
securityvulns
added 2011/06/19 12:0 a.m.48 views

[SECURITY] [DSA 2261-1] redmine security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2261-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 15, 2011 http://www.debian.org/security/faq -...

1.1AI score
Exploits0
FreeBSD
FreeBSD
added 2010/12/23 12:0 a.m.10 views

redmine -- multiple vulnerabilities

Jean-Philippe Lang reports: This release also fixes 3 security issues reported by joernchen of Phenoelit: logged in users may be able to access private data affected versions: 1.0.x persistent XSS vulnerability in textile formatter affected versions: all previous releases remote command execution...

3.5AI score
Exploits0References1
Rows per page
Query Builder