CVE-2013-4519 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field or (2) caption of an uploaded file.

Reference

http://osvdb.org/99512 http://osvdb.org/99513 http://secunia.com/advisories/55623 http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.21 http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.17 http://www.securityfocus.com/bid/63601 https://exchange.xforce.ibmcloud.com/vulnerabilities/88620