CVE-2021-31330
CVE-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://mattschmidt.net/2021/04/14/review-board-xss-discovered/https://www.reviewboard.org/docs/releasenotes/reviewboard/3.0.21/https://www.reviewboard.org/docs/releasenotes/reviewboard/4.0-rc-2/https://www.reviewboard.org/news/2021/04/14/review-board-3-0-21-and-4-0-rc-2-security-bug-fixes-and-docker/