Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links.Referenceshttps://www.redmine.org/projects/redmine/wiki/Security_Advisorieshttps://lists.debian.org/debian-lts-announce/2021/05/msg00013.html
