Medium severity5.4NVD Advisory· Published May 11, 2022· Updated Jun 17, 2026
CVE-2021-31330
CVE-2021-31330
Description
A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Review Board/Review Boarddescription
- Range: <=3.0.20, <=4.0 RC1
Patches
Vulnerability mechanics
References
4- mattschmidt.net/2021/04/14/review-board-xss-discovered/nvdExploitThird Party Advisory
- www.reviewboard.org/docs/releasenotes/reviewboard/3.0.21/nvdRelease NotesVendor Advisory
- www.reviewboard.org/docs/releasenotes/reviewboard/4.0-rc-2/nvdRelease NotesVendor Advisory
- www.reviewboard.org/news/2021/04/14/review-board-3-0-21-and-4-0-rc-2-security-bug-fixes-and-docker/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.