CVE-2022-44031

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.

Date published : 2022-12-11

https://www.redmine.org/projects/redmine/wiki/Security_Advisories