Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reviewboard review board vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and previous versions. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Reviewboard Review Board 3.0.20
Reviewboard Review Board 4.0
4.3
CVSSv3
CVE-2013-4411
Review Board: URL processing gives unauthorized users access to review lists
Reviewboard Reviewboard
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
9.8
CVSSv3
CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board prior to 1.7.15 when parsing JSON requests.
Reviewboard Review Board
Reviewboard Djblets 0.7.21
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Redhat Enterprise Linux 6.0
6.5
CVSSv3
CVE-2014-5028
The Original File and Patched File resources in Review Board 1.7.x prior to 1.7.27 and 2.0.x prior to 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids.
Reviewboard Review Board
NA
CVE-2014-5027
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x prior to 1.7.27 and 2.0.x prior to 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via a query parameter to a diff fragment page.
Reviewboard Review Board 2.0
Reviewboard Review Board 2.0.1
Reviewboard Review Board 2.0.2
Reviewboard Review Board 2.0.3
Reviewboard Review Board 1.7.19
Reviewboard Review Board 1.7.11
Reviewboard Review Board 1.7.15
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.7.12
Reviewboard Review Board 1.7.20
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.7.22
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.13
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.7.23
Reviewboard Review Board 1.7.26
Reviewboard Review Board 1.7.24
Reviewboard Review Board 1.7.10
Reviewboard Review Board 1.7.14
NA
CVE-2014-3994
Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets prior to 0.7.30 and 0.8.x prior to 0.8.3 for Django, as used in Review Board, allows remote malicious users to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name...
Reviewboard Djblets 0.7.27
Reviewboard Djblets 0.7.28
Reviewboard Djblets
Reviewboard Djblets 0.8.2
Reviewboard Reviewboard -
Reviewboard Djblets 0.8.1
NA
CVE-2013-4795
Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x prior to 1.6.18 and 1.7.x prior to 1.7.12 allows remote malicious users to inject arbitrary web script or HTML via a user full name.
Reviewboard Review Board 1.6.10
Reviewboard Review Board 1.7.11
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.6.11
Reviewboard Review Board 1.6.17
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.6
Reviewboard Review Board 1.6.12
Reviewboard Review Board 1.6.3
Reviewboard Review Board 1.7.10
Reviewboard Review Board 1.6.15
Reviewboard Review Board 1.7.3
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.7.7
Reviewboard Review Board 1.7.0
Reviewboard Review Board 1.7.1
NA
CVE-2013-4519
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x prior to 1.6.21 and 1.7.x prior to 1.7.17 allow remote malicious users to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.
Reviewboard Review Board 1.6.10
Reviewboard Review Board 1.7.11
Reviewboard Review Board 1.7.15
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.7.12
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.6.6
Reviewboard Review Board 1.7.13
Reviewboard Review Board 1.6.18
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.6.11
Reviewboard Review Board 1.6.17
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.6.7
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.6.4
Reviewboard Review Board 1.6.20
Reviewboard Review Board 1.6
Reviewboard Review Board 1.6.9
NA
CVE-2013-2209
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x prior to 1.6.17 and 1.7.x prior to 1.7.10 allows remote malicious users to inject arbitrary web script or HTML via a full name.
Reviewboard Review Board 1.6.10
Reviewboard Review Board 1.6.6
Reviewboard Review Board 1.6.11
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.6.7
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.6.4
Reviewboard Review Board 1.6
Reviewboard Review Board 1.6.9
Reviewboard Review Board 1.6.12
Reviewboard Review Board 1.6.3
Reviewboard Review Board 1.6.15
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.6.16
Reviewboard Review Board 1.6.2
Reviewboard Review Board 1.6.5
Reviewboard Review Board 1.6.8
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.7.0.1
NA
CVE-2011-4312
Multiple cross-site scripting (XSS) vulnerabilities in the commenting system in Review Board prior to 1.5.7 and 1.6.x prior to 1.6.3 allow remote malicious users to inject arbitrary web script or HTML via vectors involving the (1) diff viewer or (2) screenshot component.
Reviewboard Review Board 1.5.1
Reviewboard Review Board 1.5.4
Reviewboard Review Board 1.0
Reviewboard Review Board 1.0.9
Reviewboard Review Board 1.5
Reviewboard Review Board 1.5.5
Reviewboard Review Board 1.0.5.1
Reviewboard Review Board 1.0.3
Reviewboard Review Board 1.5.2
Reviewboard Review Board 1.0.8
Reviewboard Review Board 1.0.1
Reviewboard Review Board 1.6
Reviewboard Review Board
Reviewboard Review Board 1.0.7
Reviewboard Review Board 1.0.5
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.1
Reviewboard Review Board 1.0.6
Reviewboard Review Board 1.0.2
Reviewboard Review Board 1.0.4
Reviewboard Review Board 1.6.2
Reviewboard Review Board 1.5.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started