Description
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links.
References
https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html
Mailing ListThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-04-06T08:15:12.260
4 years agoLast modified
2021-06-01T20:37:14.290
4 years ago