PyPI package
reviewboard
pkg:pypi/reviewboard
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-4409 | — | < 1.7.15 | 1.7.15 | Nov 4, 2019 | An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. | ||
| CVE-2013-2209 | — | >= 1.6, < 1.6.17 | 1.6.17 | Jul 31, 2013 | Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name. |
- CVE-2013-4409Nov 4, 2019affected < 1.7.15fixed 1.7.15
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.
- CVE-2013-2209Jul 31, 2013affected >= 1.6, < 1.6.17fixed 1.6.17
Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.