Redmine 4.2.2

CPE Details

Redmine 4.2.2
redmine
redmine
4.2.2
2021-08-24
11h08 +00:00
2021-08-25
11h35 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:redmine:redmine:4.2.2:*:*:*:*:*:*:*

Informations

Vendor

redmine

Product

redmine

Version

4.2.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-47258 2023-11-04 23h00 +00:00 Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter.
6.1
Medium
CVE-2023-47259 2023-11-04 23h00 +00:00 Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter.
6.1
Medium
CVE-2023-47260 2023-11-04 23h00 +00:00 Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails.
6.1
Medium
CVE-2022-44031 2022-12-11 23h00 +00:00 Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.
6.1
Medium
CVE-2022-44637 2022-12-11 23h00 +00:00 Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.
6.1
Medium
CVE-2021-42326 2021-10-12 16h08 +00:00 Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter.
5.3
Medium