A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and previous versions. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
reviewboard review board 3.0.20 |
||
reviewboard review board 4.0 |