Vulnerability CVE-2021-31330


Published: 2022-05-11

Description:
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.

 References:
https://www.reviewboard.org/docs/releasenotes/reviewboard/4.0-rc-2/
https://www.reviewboard.org/docs/releasenotes/reviewboard/3.0.21/
https://mattschmidt.net/2021/04/14/review-board-xss-discovered/
https://www.reviewboard.org/news/2021/04/14/review-board-3-0-21-and-4-0-rc-2-security-bug-fixes-and-docker/

Copyright 2026, cxsecurity.com

 

Back to Top