Vulnerabilities > CVE-2006-1287 - Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 2.0.4/2.1.4
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE network
invision-power-services
Summary
Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |