Jump to >

Review Board 1.6.3 Release Notes

Release date: November 15, 2011

Security Fixes

  • A script injection vulnerability was discovered in the commenting system. This affected the diff viewer and screenshot pages, and allowed a commenter to break the page and execute JavaScript. This vulnerability has been fixed.

    Thanks to Damian Johnson for reporting this.

Contributors

  • Christian Hammond
  • Damian Johnson