VYPR
Moderate severityNVD Advisory· Published Jul 31, 2013· Updated Jun 16, 2026

CVE-2013-2209

CVE-2013-2209

Description

Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
reviewboardPyPI
>= 1.6, < 1.6.171.6.17
reviewboardPyPI
>= 1.7, < 1.7.101.7.10

Affected products

33
  • cpe:2.3:a:reviewboard:review_board:1.6:*:*:*:*:*:*:*+ 31 more
    • cpe:2.3:a:reviewboard:review_board:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.14:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.15:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.16:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6:beta1:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6:beta2:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6:rc1:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.6:rc2:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:reviewboard:review_board:1.7.9:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 1.6, < 1.6.17

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.