PT-2019-6972 · Beanbag · Review Board
Published
2019-12-27
·
Updated
2020-01-07
·
CVE-2013-4796
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
ReviewBoard version 1.6.17
Description
The issue allows code execution by attaching PHP scripts to a review request.
Recommendations
For ReviewBoard version 1.6.17, update to a version that fixes this issue to prevent code execution by attached PHP scripts.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Review Board