← back
CVE-2021-31330

CVE-2021-31330

EPSS 0.8%
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://mattschmidt.net/2021/04/14/review-board-xss-discovered/https://www.reviewboard.org/docs/releasenotes/reviewboard/3.0.21/https://www.reviewboard.org/docs/releasenotes/reviewboard/4.0-rc-2/https://www.reviewboard.org/news/2021/04/14/review-board-3-0-21-and-4-0-rc-2-security-bug-fixes-and-docker/