Invision Power Services » Invision Power Board » 1.2 : Security Vulnerabilities, CVEs, Published In 2005
Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url.
Max CVSS
4.3
EPSS Score
0.24%
Published
2005-03-30
Updated
2017-07-11
1 vulnerabilities found