Lucene search
K

140 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:0 a.m.7 views

CVE-2019-25026

Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting...

5.3CVSS6.8AI score0.00809EPSS
Exploits0References1
OSV
OSV
added 2025/01/07 5:11 p.m.2 views

GHSA-95M2-CHM4-MQ7M PHP-Textile has persistent XSS vulnerability in image link handling

Details Persistent XSS vulnerability in image link handling of PHP-Textile versions 4.1.2 and older, when running the parser in restricted mode. In restricted mode it is expected that the input would be sanitized, allowing user-input such as user comments to be parsed and handled safely by the...

7.3CVSS6.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/01/07 5:11 p.m.15 views

PHP-Textile has persistent XSS vulnerability in image link handling

Details Persistent XSS vulnerability in image link handling of PHP-Textile versions 4.1.2 and older, when running the parser in restricted mode. In restricted mode it is expected that the input would be sanitized, allowing user-input such as user comments to be parsed and handled safely by the...

6.1AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.7 views

The vulnerability of the Textile web application component for Redmine project and task management, which allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Textile component in the Redmine project and task management web application exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.4CVSS6AI score0.00397EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2024/03/06 11:5 a.m.22 views

BIT-REDMINE-2020-36307

Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links...

6.1CVSS6AI score0.00696EPSS
Exploits0References3
OSV
OSV
added 2024/03/06 11:4 a.m.16 views

BIT-REDMINE-2022-44031

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields...

6.1CVSS5.9AI score0.00402EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 11:3 a.m.30 views

BIT-REDMINE-2022-44637

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user...

6.1CVSS5.9AI score0.00429EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 11:3 a.m.290 views

BIT-REDMINE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS5.8AI score0.00397EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2024/01/10 12:0 a.m.17 views

RedCloth: ReDoS Vulnerability

Background RedCloth is a module for using Textile in Ruby Description A vulnerability has been discovered in RedCloth. Please review the CVE identifier referenced below for details. Impact RedCloth is vulnerable to a regular expression denial of service "ReDoS" attack via the sanitizehtml functio...

7.5CVSS7.2AI score0.01513EPSS
Exploits1
OSV
OSV
added 2023/11/05 4:15 a.m.3 views

DEBIAN-CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS6AI score0.00397EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/11/05 4:15 a.m.3 views

CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS5.8AI score0.00397EPSS
Exploits0References2
NVD
NVD
added 2023/11/05 4:15 a.m.16 views

CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS6AI score0.00397EPSS
Exploits0References1
Prion
Prion
added 2023/11/05 4:15 a.m.19 views

Cross site scripting

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

5.8CVSS6.2AI score0.00397EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/11/05 4:15 a.m.4 views

UBUNTU-CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS5.8AI score0.00397EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/11/05 12:0 a.m.23 views

CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS6AI score0.00397EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/11/05 12:0 a.m.9 views

CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.2AI score0.00397EPSS
Exploits0References1
OSV
OSV
added 2023/11/05 12:0 a.m.19 views

CVE-2023-47259

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter...

6.1CVSS6.2AI score0.00397EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/05 12:0 a.m.8 views

Redmine Security Vulnerabilities

Redmine is a set of open source Web-based project management and defect tracking tools . The product provides features such as project management, issue tracking and role-based access control. A security vulnerability exists in Redmine versions prior to 4.2.11 and 5.0.x prior to 5.0.6, which stem...

6.1CVSS5.7AI score0.00397EPSS
Exploits0References4
CVE
CVE
added 2023/11/05 12:0 a.m.323 views

CVE-2023-47259

CVE-2023-47259 affects Redmine prior to 4.2.11 and 5.0.x prior to 5.0.6, where the Textile formatter permits cross-site scripting (XSS). The root cause is improper handling within the Textile formatter, enabling an attacker to execute script in a user’s browser. The vulnerability is documented ac...

6.1CVSS5.8AI score0.00397EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/05 12:0 a.m.7 views

PT-2023-9190 · Redmine · Redmine

Name of the Vulnerable Software and Affected Versions: Redmine versions prior to 4.2.11 Redmine versions 5.0.x prior to 5.0.6 Description: The issue is related to a lack of protection in the structure of web pages, allowing for cross-site scripting XSS attacks in the Textile formatter. This could...

6.4CVSS6.1AI score0.00397EPSS
Exploits0References23
Rows per page
Query Builder