Vulnerabilities > Redmine > Redmine > 4.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-05 | CVE-2023-47258 | Cross-site Scripting vulnerability in Redmine Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter. | 6.1 |
| 2023-11-05 | CVE-2023-47259 | Cross-site Scripting vulnerability in Redmine Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter. | 6.1 |
| 2023-11-05 | CVE-2023-47260 | Cross-site Scripting vulnerability in Redmine Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails. | 6.1 |
| 2022-12-12 | CVE-2022-44031 | Cross-site Scripting vulnerability in Redmine Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields. | 6.1 |
| 2022-12-12 | CVE-2022-44637 | Cross-site Scripting vulnerability in Redmine Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. | 6.1 |