CVE

Id
64742  
CVE No.
CVE-2013-4795  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in the Submitters list in Review Board 1.6.x before 1.6.18 and 1.7.x before 1.7.12 allows remote attackers to inject arbitrary web script or HTML via a user full name.  
Phase
Assigned (20130712)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
636642 64742 CVE-2013-4795 BUGTRAQ:20130808 ReviewBoard Vulnerabilities  View
636643 64742 CVE-2013-4795 URL:http://seclists.org/bugtraq/2013/Aug/69  View
636644 64742 CVE-2013-4795 MISC:http://www.tripwire.com/state-of-security/vulnerability-management/vulnerabilities-its-time-to-review-your-reviewboard  View
636645 64742 CVE-2013-4795 CONFIRM:http://www.reviewboard.org/docs/releasenotes/reviewboard/1.6.18  View
636646 64742 CVE-2013-4795 CONFIRM:http://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.12  View
636647 64742 CVE-2013-4795 BID:61750  View
636648 64742 CVE-2013-4795 URL:http://www.securityfocus.com/bid/61750  View
636649 64742 CVE-2013-4795 OSVDB:96170  View
636650 64742 CVE-2013-4795 URL:http://osvdb.org/show/osvdb/96170  View
636651 64742 CVE-2013-4795 SECUNIA:54272  View
636652 64742 CVE-2013-4795 URL:http://secunia.com/advisories/54272  View
636653 64742 CVE-2013-4795 XF:reviewboard-cve20134795-xss(86410)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
21950 JVNDB-2013-003525 HP LoadRunner における任意のコードを実行される脆弱性 HP LoadRunner には、任意のコードを実行される脆弱性が存在します。 CVE-2013-4800 64742 9.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003525.html  View