← Back

CVE-2011-4928

nvd nist

Published: Oct 8, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (41)

Products: Redmine: Redmine

Redmine

1 product

Redmine

Configuration A

41 vulnerable

Vulnerable Software	Affected Versions
Redmine Redmine	Up to 1.0.4
Redmine Redmine	Version 0.1.0
Redmine Redmine	Version 0.2.1
Redmine Redmine	Version 0.2.2
Redmine Redmine	Version 0.3.0
Redmine Redmine	Version 0.4.0
Redmine Redmine	Version 0.4.1
Redmine Redmine	Version 0.4.2
Redmine Redmine	Version 0.5.0
Redmine Redmine	Version 0.5.1
Redmine Redmine	Version 0.6.0
Redmine Redmine	Version 0.6.1
Redmine Redmine	Version 0.6.2
Redmine Redmine	Version 0.6.3
Redmine Redmine	Version 0.6.4
Redmine Redmine	Version 0.7.0
Redmine Redmine	Version 0.7.0 rc1
Redmine Redmine	Version 0.7.1
Redmine Redmine	Version 0.7.2
Redmine Redmine	Version 0.7.3
Redmine Redmine	Version 0.7.4
Redmine Redmine	Version 0.8.0
Redmine Redmine	Version 0.8.0 rc1
Redmine Redmine	Version 0.8.1
Redmine Redmine	Version 0.8.2
Redmine Redmine	Version 0.8.3
Redmine Redmine	Version 0.8.4
Redmine Redmine	Version 0.8.5
Redmine Redmine	Version 0.8.6
Redmine Redmine	Version 0.8.7
Redmine Redmine	Version 0.9.0
Redmine Redmine	Version 0.9.1
Redmine Redmine	Version 0.9.2
Redmine Redmine	Version 0.9.3
Redmine Redmine	Version 0.9.4
Redmine Redmine	Version 0.9.5
Redmine Redmine	Version 0.9.6
Redmine Redmine	Version 1.0.0
Redmine Redmine	Version 1.0.1
Redmine Redmine	Version 1.0.2
Redmine Redmine	Version 1.0.3