Invision Power Board Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The host is running Invision Power Board and is prone to Cross-Site Scripting Vulnerability.

Impact

Successful exploitation will let attackers execute arbitrary code in the context of the affected web application and can cause various web related attacks by point to malicious IFRAME or HTML data. Impact Level: Application

Solution

Solution/Patch not available as on 09th April 2009. Information will be updated once the vendor supplies any updates. For further updates refer, http://www.invisionpower.com

Insight

Improper sanitization of user supplied input in the signature data which can cause crafting malicious IFRAME or HTML tags to gain sensitive information about the web application or can cause injection of web pages to the web application.

Affected

Invision Power Board version 2.3.1 and prior.

References

http://www.securityfocus.com/archive/1/490115
http://xforce.iss.net/xforce/xfdb/41502

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6565

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Tomcat DOS Device Name XSS
Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
Apache Tomcat Cross-Site Scripting and Security Bypass Vulnerabilities
Apache Tomcat Multiple Vulnerabilities June-09
Advanced Image Hosting Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities