Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2013-07-31T10:00:00
Updated: 2014-04-11T13:57:00
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2209
JSON object: View
NVD Information
Status : Modified
Published: 2013-07-31T13:20:25.557
Modified: 2014-04-19T04:35:04.567
Link: CVE-2013-2209
JSON object: View
Redhat Information
No data.
CWE