4.3
CVE-2005-1597
- EPSS 2.38%
- Veröffentlicht 16.05.2005 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:13:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in (1) search.php and (2) topics.php for Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlite parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Board Version1.0
Invision Power Services ≫ Invision Board Version1.0.1
Invision Power Services ≫ Invision Board Version1.1.1
Invision Power Services ≫ Invision Board Version1.1.2
Invision Power Services ≫ Invision Board Version1.2
Invision Power Services ≫ Invision Board Version1.3
Invision Power Services ≫ Invision Board Version2.0_alpha_3
Invision Power Services ≫ Invision Board Version2.0_pdr3
Invision Power Services ≫ Invision Power Board Version2.0.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.38% | 0.817 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://forums.invisionpower.com/index.php?showtopic=168016
http://marc.info/?l=bugtraq&m=111539908705851&w=2
http://secunia.com/advisories/15265
http://securitytracker.com/id?1013907
http://www.gulftech.org/?node=research&article_id=00073-05052005
http://www.osvdb.org/16298
http://www.securityfocus.com/bid/13534
http://www.vupen.com/english/advisories/2005/0487
https://exchange.xforce.ibmcloud.com/vulnerabilities/20445