CVSS: 6.1EPSS: 0%CPEs: 43EXPL: 0CVE-2013-4519
https://notcve.org/view.php?id=CVE-2013-4519
15 Nov 2013 — Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file. Múltiples vulnerabilidades de XSS en Review Board 1.6.x anterior a la versión 1.6.21 y 1.7.x anterior a 1.7.17 permite a atacantes remotos inyectar script web o HTML arbitrario a través del (1) campo Branch o (2) título de un archivo cargado. • http://osvdb.org/99512 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 32EXPL: 1CVE-2013-2209
https://notcve.org/view.php?id=CVE-2013-2209
31 Jul 2013 — Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name. Vulnerabilidad XSS en el widget de autocompletado en enhtdocs/media/rb/js/reviews.js en Review Board 1.6.x anteior a 1.6.17 y 1.7.x anterior a 1.7.10, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un nombre completo. • http://www.openwall.com/lists/oss-security/2013/06/24/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 40EXPL: 0CVE-2011-4312
https://notcve.org/view.php?id=CVE-2011-4312
24 Nov 2011 — Multiple cross-site scripting (XSS) vulnerabilities in the commenting system in Review Board before 1.5.7 and 1.6.x before 1.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) diff viewer or (2) screenshot component. Multiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en el sistema de comentarios de Review Board antes de v1.5.7 y 1.6.x antes de v1.6.3 permite a atacantes remotos inyectar secuencias de comandos web o HTML a t... • http://lists.fedoraproject.org/pipermail/package-announce/2011-November/070091.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •