CVE

CVE-2005-0477 (invision_power_board)

CVE-2005-0477 (invision_power_board)

Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url.

Source: CVE-2005-0477 (invision_power_board)

Exit mobile version