Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:redmine:redmine:*:*:*:*:*:*:*:*" ] }