Description
applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Html5 Audio Player-Audio Player for WordPress Cross-Site Scripting (2.1.2)
LimeSurvey Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3752)
WordPress Plugin Advanced Custom Fields:reCAPTCHA Field Security Bypass (1.1.1)
WordPress Plugin Simple add pages or posts Cross-Site Request Forgery (1.6)
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5475)