CVE-2013-2209: Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown

CVSS Score (v3.1): 6.1

Basic Information

EPSS Score: 0.60343%
Published: 5/17/2022
Updated: 8/29/2023
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N

Package Name   Ecosystem   Vulnerable Versions   First Patched Version
reviewboard    pip         >= 1.6, < 1.6.17      1.6.17
reviewboard    pip         >= 1.7, < 1.7.10      1.7.10

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from the formatItem callback in the autocomplete widget implementation. The original (pre-patch) code concatenated the raw user-supplied values data[options.nameKey] and data[options.descKey] into an HTML string without any sanitization. The patch fixes this by passing the description through jQuery's .text() method so that it is HTML-escaped before being rendered. Because the function built HTML directly from unescaped user input, it matches the described XSS vector: a crafted full name rendered in the autocomplete dropdown.
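The pattern described above, as an added illustration that is not Review Board's code: a formatItem callback in its pre-patch shape beside a hardened one, with a small escape helper standing in for the jQuery .text()/.html() round-trip. The option key names, the sample record and the leaksMarkup check are assumptions made for this example; it escapes both the name and the description field, which goes slightly beyond the description-only fix the analysis mentions.

```javascript
// Added example (not Review Board's code): vulnerable vs. hardened
// autocomplete item formatting. Option names and sample data are assumed.

const options = { nameKey: "username", descKey: "fullname" };

// Equivalent of $("<div/>").text(s).html(): entity-encode the characters
// that could open a tag or break out of an attribute.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Pre-patch behaviour: raw values are concatenated into the item markup,
// so any markup inside a user's full name is rendered as markup.
function formatItemVulnerable(data) {
  let s = data[options.nameKey];
  if (data[options.descKey]) {
    s += " <span>(" + data[options.descKey] + ")</span>";
  }
  return s;
}

// Hardened behaviour: every user-controlled value is escaped before it
// is placed into the HTML string.
function formatItemSafe(data) {
  let s = escapeHtml(data[options.nameKey]);
  if (data[options.descKey]) {
    s += " <span>(" + escapeHtml(data[options.descKey]) + ")</span>";
  }
  return s;
}

// Constructed sample record whose full-name field contains markup.
const sampleUser = { username: "alice", fullname: "Alice <b>Admin</b>" };

// Reviewer-style check: does a user-supplied value containing "<" or ">"
// survive verbatim in the rendered output?
function leaksMarkup(format, data) {
  const rendered = format(data);
  const userParts = [data[options.nameKey], data[options.descKey]];
  return userParts.some((v) => /[<>]/.test(v) && rendered.includes(v));
}
```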


WAF Protection Rules

WAF Rule

Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name.
