Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.
References 7 Total
- secunia.com: 55623 third-party-advisory
- securityfocus.com: 63601 vdb-entry
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17
- osvdb.org: 99512 vdb-entry
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.21
- osvdb.org: 99513 vdb-entry
- exchange.xforce.ibmcloud.com: reviewboard-cve20134519-xss(88620) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- secunia.com: 55623 third-party-advisoryx_transferred
- securityfocus.com: 63601 vdb-entryx_transferred
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17 x_transferred
- osvdb.org: 99512 vdb-entryx_transferred
- http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.21 x_transferred
- osvdb.org: 99513 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: reviewboard-cve20134519-xss(88620) vdb-entryx_transferred