Lucene search
K

6 matches found

OSV
OSV
added 2024/03/06 11:5 a.m.20 views

BIT-REDMINE-2020-36307

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...

6.1CVSS6AI score0.00696EPSS
Exploits0References3
Veracode
Veracode
added 2021/05/16 7:27 a.m.18 views

Cross-Site Scripting (XSS)

Redmine is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser via textile inline links...

6.1CVSS4AI score0.00696EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2021/04/07 12:0 a.m.8 views

Redmine Cross-Site Scripting Vulnerability (CNVD-2021-27366)

Redmine is an open source, web-based project management and defect tracking tool. A stored cross-site scripting vulnerability exists in Redmine. An attacker can exploit this vulnerability via textile inline links to conduct cross-site scripting attacks...

6.1CVSS5.7AI score0.00696EPSS
Exploits0References1
Prion
Prion
added 2021/04/06 8:15 a.m.16 views

Cross site scripting

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...

4.3CVSS6.1AI score0.00696EPSS
Exploits0References2Affected Software2
Debian CVE
Debian CVE
added 2021/04/06 7:59 a.m.28 views

CVE-2020-36307

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...

6.1CVSS6AI score0.00696EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/04/06 12:0 a.m.4 views

PT-2021-4536 · Redmine · Redmine

Name of the Vulnerable Software and Affected Versions: Redmine versions 4.0.0 through 4.0.6 Redmine versions 4.1.0 through 4.1.0 Description: The issue is related to stored XSS via textile inline links, which can be exploited by a remote attacker to impact data integrity. The vulnerability is due...

9.8CVSS6AI score0.01737EPSS
Exploits0References39
Rows per page
Query Builder