Django · Djblets · CVE-2014-3995
**Name of the Vulnerable Software and Affected Versions**
Djblets versions 0.7.x through 0.7.29
Djblets versions 0.8.x through 0.8.2
**Description**
A cross-site scripting (XSS) vulnerability in the `gravatars/templatetags/gravatars.py` file allows remote attackers to inject arbitrary web script or HTML via a user display name.
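An added illustration of the bug class described above, not the Djblets source and not code from the original advisory: a display name placed unescaped into an avatar `<img>` tag, next to the escaped form, with a parser check showing which tags each fragment produces. The function names, the markup template, the sample display name and the placeholder URL are assumptions constructed for this example.

```python
from html import escape
from html.parser import HTMLParser

# Constructed illustration; not the Djblets source. Function names and the
# markup layout are assumptions made for this example.
IMG = '<img src="{url}" width="{size}" height="{size}" alt="{alt}" class="gravatar"/>'


def render_unescaped(url, size, display_name):
    """Before: the display name is interpolated into the markup as-is."""
    return IMG.format(url=url, size=size, alt=display_name)


def render_escaped(url, size, display_name):
    """After: every interpolated value is HTML-escaped, quotes included."""
    return IMG.format(url=escape(url, quote=True), size=int(size),
                      alt=escape(display_name, quote=True))


class TagCollector(HTMLParser):
    """Records the start tags an HTML parser sees in a fragment."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def tags_in(fragment):
    """Return the list of element names parsed out of the fragment."""
    collector = TagCollector()
    collector.feed(fragment)
    collector.close()
    return collector.tags


# Constructed sample input: a display name that closes the alt attribute.
SAMPLE_NAME = 'Eve"><script>alert(1)</script>'
SAMPLE_URL = "https://gravatar.example/avatar/0000?s=32"  # placeholder URL

if __name__ == "__main__":
    # Unescaped output parses as two elements; escaped output as one.
    print(tags_in(render_unescaped(SAMPLE_URL, 32, SAMPLE_NAME)))
    print(tags_in(render_escaped(SAMPLE_URL, 32, SAMPLE_NAME)))
```

The same parser check can serve as a regression test for any template tag that builds markup from user-controlled profile fields.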
**Recommendations**
For Djblets versions 0.7.x through 0.7.29, update to version 0.7.30 or later.
For Djblets versions 0.8.x through 0.8.2, update to version 0.8.3 or later.