Invision Power Board XSS Network Vulnerability

Summary

The remote host is running Invision Power Board, a web-based bulletin-board system written in PHP. This version of Invision Power Board is vulnerable to cross-site scripting attacks, which may allow an attacker to steal users cookies.

Solution

Upgrade to the latest version of this software

Severity

Classification

CVE CVE-2004-1578

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Afian 'includer.php' Directory Traversal Vulnerability
Apache Struts2/XWork Remote Command Execution Vulnerability
Adobe ColdFusion HTTP Response Splitting Vulnerability
12Planet Chat Server one2planet.infolet.InfoServlet XSS
Apple Safari Multiple Vulnerabilities

Take action and discover your vulnerabilities