vulnerability

Beanbag Review Board: XSS vulnerability in Markdown rendering (CVE-2021-31330)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	May 11, 2022	Jul 5, 2022	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

May 11, 2022

Added

Jul 5, 2022

Modified

Aug 11, 2025

Description

A Cross-Site Scripting (XSS) vulnerability exists within Review Board versions 3.0.20 and 4.0 RC1 and earlier. An authenticated attacker may inject malicious Javascript code when using Markdown editing within the application which remains persistent.

Solution

beanbag-review_board-upgrade-latest

References

CVE-2021-31330
https://attackerkb.com/topics/CVE-2021-31330
CWE-79

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today