AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter.
www.redmine.org/projects/redmine/wiki/Security_Advisories