CVE-2021-31330
CVE-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://mattschmidt.net/2021/04/14/review-board-xss-discovered/https://www.reviewboard.org/docs/releasenotes/reviewboard/3.0.21/https://www.reviewboard.org/docs/releasenotes/reviewboard/4.0-rc-2/https://www.reviewboard.org/news/2021/04/14/review-board-3-0-21-and-4-0-rc-2-security-bug-fixes-and-docker/