cvedb.io
CVE-2021-31330
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2022-05-11T18:15:22.303 · Last modified 2026-06-17T03:51:34.047

Summary

A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.

Affected products

reviewboard — review_board

Does this affect you?

Add your gear to cvedb and we'll alert you only when reviewboard ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.