Persistent Cross-Site Scripting (XSS) Vulnerability in Review Board Versions 3.0.20 and 4.0 RC1 and Earlier
CVE-2021-31330 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
Learn more about our Web Application Penetration Testing UK.