Shodan
Vulnerabilities
Vulnerable Software
Redmine:  >> Redmine  >> 4.1.4  Security Vulnerabilities
CVE-2023-47258
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-11-05
CVE-2023-47259
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-11-05
CVE-2023-47260
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails.
CVSS Score
6.1
EPSS Score
0.004
Published
2023-11-05
CVE-2022-44031
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-12-12
CVE-2022-44637
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-12-12
CVE-2021-42326
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
CVSS Score
5.3
EPSS Score
0.005
Published
2021-10-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved