Ubuntu.comUB:CVE-2023-47259CVE-2023-47259
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile
formatter.
Bugs
- <https://www.redmine.org/issues/38807 (private)>
References
launchpad.net/bugs/cve/CVE-2023-47259
nvd.nist.gov/vuln/detail/CVE-2023-47259
security-tracker.debian.org/tracker/CVE-2023-47259
www.cve.org/CVERecord?id=CVE-2023-47259
www.redmine.org/projects/redmine/repository/svn/revisions/22304 (5.0.6)
www.redmine.org/projects/redmine/repository/svn/revisions/22305 (4.2.11)
www.redmine.org/projects/redmine/wiki/Security_Advisories
Related
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.0%