CGI abuses : Invision Power Board SML Code Script Injection

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.52057

Kategorie: CGI abuses

Titel: Invision Power Board SML Code Script Injection

Zusammenfassung: NOSUMMARY

Beschreibung: Description:

The remote version of Invision Power Board, according to its
version number, is vulnerable to an Javascript injection attack due
to insufficient filtering of the 'COLOR' tag for mailicious content.

Version 1.3.1 and prior, as well as 2.0.3 and prior, are
known to be vulnerable.

Solution : Upgrade to a newer version when one is available.
http://www.invisionboard.com/

Risk factor : Medium

CVSS Score:
4.3

Querverweis: BugTraq ID: 12607
Common Vulnerability Exposure (CVE) ID: CVE-2005-0477
Bugtraq: 20050217 Invision Power Boards 1.3.1 FINAL XSS Exploit (Google Search)
http://marc.info/?l=bugtraq&m=110868196922995&w=2
XForce ISS Database: invision-power-board-sml-xss(19399)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19399

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.52057
Kategorie:	CGI abuses
Titel:	Invision Power Board SML Code Script Injection
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote version of Invision Power Board, according to its version number, is vulnerable to an Javascript injection attack due to insufficient filtering of the 'COLOR' tag for mailicious content. Version 1.3.1 and prior, as well as 2.0.3 and prior, are known to be vulnerable. Solution : Upgrade to a newer version when one is available. http://www.invisionboard.com/ Risk factor : Medium CVSS Score: 4.3
Querverweis:	BugTraq ID: 12607 Common Vulnerability Exposure (CVE) ID: CVE-2005-0477 Bugtraq: 20050217 Invision Power Boards 1.3.1 FINAL XSS Exploit (Google Search) http://marc.info/?l=bugtraq&m=110868196922995&w=2 XForce ISS Database: invision-power-board-sml-xss(19399) https://exchange.xforce.ibmcloud.com/vulnerabilities/19399
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com