11 matches found
PT-2026-38088
Name of the Vulnerable Software and Affected Versions: Mistune versions 3.0.0a1 through 3.2.0. Description: A Regular Expression Denial of Service (ReDoS) exists in the LINK_TITLE_RE regular expression. An attacker can provide specially crafted Markdown for parsing that triggers catastrophic...
BIT-REDMINE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
Cross-Site Scripting (XSS)
Redmine is vulnerable to cross-site scripting (XSS). An attacker is able to inject and execute arbitrary JavaScript in a user's browser via textile inline links...
Redmine Cross-Site Scripting Vulnerability (CNVD-2021-27366)
Redmine is an open source, web-based project management and defect tracking tool. A stored cross-site scripting vulnerability exists in Redmine. An attacker can exploit this vulnerability via textile inline links to conduct cross-site scripting attacks...
CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
Cross site scripting
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
CVE-2020-36307
CVE-2020-36307 affects Redmine before 4.0.7 and Redmine 4.1.x before 4.1.1, with a stored XSS flaw via textile inline links. Several connected sources corroborate the vulnerability as a stored cross‑site scripting issue in Redmine’s web UI. Debian LTS advisories cite a patched Redmine version (3....
CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...
PT-2021-4536 · Redmine · Redmine
Name of the Vulnerable Software and Affected Versions: Redmine versions 4.0.0 through 4.0.6; Redmine versions 4.1.0 through 4.1.0. Description: The issue is related to stored XSS via textile inline links, which can be exploited by a remote attacker to impact data integrity. The vulnerability is due...