CVE

CVE-2021-32924

admin

CVE-2021-32924

Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPScmsmodulesfrontpages_builder::previewBlock method interacts unsafely with the IPS_Theme::runProcessFunction method.

Source: CVE-2021-32924

Exit mobile version