6.8
CVE-2004-0359
- EPSS 5.62%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:27
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Board Version1.3.1_final
Invision Power Services ≫ Invision Board Version1.3_final
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.62% | 0.919 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=107851589701916&w=2
http://secunia.com/advisories/11053
http://www.osvdb.org/4154
http://www.securityfocus.com/bid/9768
https://exchange.xforce.ibmcloud.com/vulnerabilities/15403