2.1.4

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

invision-power-services

NVD

Published: 2006-03-19

Updated: 2024-11-21

Summary

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer.

Vulnerable Configurations

Part	Description	Count
Application	Invision_Power_Services Invision Power Services Invision Power Board 2.0.4 Invision Power Services Invision Power Board 2.1.4	2

References

http://forums.invisionpower.com/index.php?showtopic=206790
http://forums.invisionpower.com/index.php?showtopic=206790
http://secunia.com/advisories/19141
http://secunia.com/advisories/19141
http://www.vupen.com/english/advisories/2006/0861
http://www.vupen.com/english/advisories/2006/0861