Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
review board vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34461
PyBB is an open source bulletin board. A manual code review of the PyBB bulletin board server has revealed that a vulnerability could have been exploited in which users could submit any type of HTML tag, and have said tag run. For example, a malicious `<a>` that looks like ...
Pybb Project Pybb 0.1.0
3.5
CVSSv2
CVE-2021-31330
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and previous versions. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Reviewboard Review Board 3.0.20
Reviewboard Review Board 4.0
4
CVSSv2
CVE-2013-4411
Review Board: URL processing gives unauthorized users access to review lists
Reviewboard Reviewboard
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
7.5
CVSSv2
CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board prior to 1.7.15 when parsing JSON requests.
Reviewboard Review Board
Reviewboard Djblets 0.7.21
Fedoraproject Fedora 18
Fedoraproject Fedora 20
Fedoraproject Fedora 19
Redhat Enterprise Linux 6.0
4
CVSSv2
CVE-2014-5028
The Original File and Patched File resources in Review Board 1.7.x prior to 1.7.27 and 2.0.x prior to 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids.
Reviewboard Review Board
4.3
CVSSv2
CVE-2014-5027
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x prior to 1.7.27 and 2.0.x prior to 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via a query parameter to a diff fragment page.
Reviewboard Review Board 2.0
Reviewboard Review Board 2.0.3
Reviewboard Review Board 2.0.2
Reviewboard Review Board 2.0.1
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.7.3
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.10
Reviewboard Review Board 1.7.11
Reviewboard Review Board 1.7.12
Reviewboard Review Board 1.7.13
Reviewboard Review Board 1.7.14
Reviewboard Review Board 1.7.26
Reviewboard Review Board 1.7.25
Reviewboard Review Board 1.7.24
Reviewboard Review Board 1.7.23
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.15
Reviewboard Review Board 1.7.17
Reviewboard Review Board 1.7.7
Reviewboard Review Board 1.7.9
4.3
CVSSv2
CVE-2014-3994
Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets prior to 0.7.30 and 0.8.x prior to 0.8.3 for Django, as used in Review Board, allows remote malicious users to inject arbitrary web script or HTML via a JSON object, as demonstrated by the name...
Reviewboard Djblets 0.8.2
Reviewboard Djblets 0.8.1
Reviewboard Djblets
Reviewboard Djblets 0.7.28
Reviewboard Reviewboard -
Reviewboard Djblets 0.7.27
4.3
CVSSv2
CVE-2013-4795
Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x prior to 1.6.18 and 1.7.x prior to 1.7.12 allows remote malicious users to inject arbitrary web script or HTML via a user full name.
Reviewboard Review Board 1.7.0
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.6
Reviewboard Review Board 1.6
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.6.16
Reviewboard Review Board 1.6.17
Reviewboard Review Board 1.7.3
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.6.15
Reviewboard Review Board 1.7.11
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.6.12
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.7.1
Reviewboard Review Board 1.7.10
Reviewboard Review Board 1.7.7
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.6.10
4.3
CVSSv2
CVE-2013-4519
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x prior to 1.6.21 and 1.7.x prior to 1.7.17 allow remote malicious users to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.
Reviewboard Review Board 1.7.6
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.12
Reviewboard Review Board 1.7.13
Reviewboard Review Board 1.6.6
Reviewboard Review Board 1.6.5
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.6
Reviewboard Review Board 1.7.0
Reviewboard Review Board 1.7.0.1
Reviewboard Review Board 1.7.8
Reviewboard Review Board 1.7.9
Reviewboard Review Board 1.7.16
Reviewboard Review Board 1.6.9
Reviewboard Review Board 1.6.2
Reviewboard Review Board 1.6.18
Reviewboard Review Board 1.6.17
Reviewboard Review Board 1.6.10
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.6.19
4.3
CVSSv2
CVE-2013-2209
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x prior to 1.6.17 and 1.7.x prior to 1.7.10 allows remote malicious users to inject arbitrary web script or HTML via a full name.
Reviewboard Review Board 1.6
Reviewboard Review Board 1.6.1
Reviewboard Review Board 1.6.5
Reviewboard Review Board 1.6.12
Reviewboard Review Board 1.6.13
Reviewboard Review Board 1.6.2
Reviewboard Review Board 1.6.3
Reviewboard Review Board 1.6.6
Reviewboard Review Board 1.6.7
Reviewboard Review Board 1.6.14
Reviewboard Review Board 1.6.15
Reviewboard Review Board 1.6.4
Reviewboard Review Board 1.6.8
Reviewboard Review Board 1.6.9
Reviewboard Review Board 1.6.16
Reviewboard Review Board 1.6.10
Reviewboard Review Board 1.6.11
Reviewboard Review Board 1.7.2
Reviewboard Review Board 1.7.3
Reviewboard Review Board 1.7.4
Reviewboard Review Board 1.7.5
Reviewboard Review Board 1.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »