Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:CGI abuses
Title:Invision Power Board SML Code Script Injection

The remote version of Invision Power Board, according to its
version number, is vulnerable to an Javascript injection attack due
to insufficient filtering of the 'COLOR' tag for mailicious content.

Version 1.3.1 and prior, as well as 2.0.3 and prior, are
known to be vulnerable.

Solution : Upgrade to a newer version when one is available.

Risk factor : Medium

CVSS Score:

Cross-Ref: BugTraq ID: 12607
Common Vulnerability Exposure (CVE) ID: CVE-2005-0477
Bugtraq: 20050217 Invision Power Boards 1.3.1 FINAL XSS Exploit (Google Search)
XForce ISS Database: invision-power-board-sml-xss(19399)
CopyrightCopyright (c) 2005 E-Soft Inc.

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.