Reviewboard: >> Review Board >> 1.6.16 Security Vulnerabilities
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.
CVSS Score
9.8
EPSS Score
0.012
Published
2019-11-04
Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x before 1.6.18 and 1.7.x before 1.7.12 allows remote attackers to inject arbitrary web script or HTML via a user full name.
CVSS Score
4.3
EPSS Score
0.005
Published
2014-04-11
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.
CVSS Score
4.3
EPSS Score
0.004
Published
2013-11-19
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.
CVSS Score
4.3
EPSS Score
0.004
Published
2013-07-31