4.3
CVE-2005-3547
- EPSS 2.71%
- Veröffentlicht 16.11.2005 07:42:00
- Zuletzt bearbeitet 16.06.2026 22:17:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Board Version2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.71% | 0.84 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://benji.redkod.org/audits/ipb.2.1.pdf
http://osvdb.org/20516
http://osvdb.org/20517
http://osvdb.org/20518
http://osvdb.org/20519
http://osvdb.org/20520
http://osvdb.org/20521
http://osvdb.org/20522
http://secunia.com/advisories/17443
http://www.securityfocus.com/archive/1/415801/30/0/threaded
http://www.securityfocus.com/bid/15344
http://www.securityfocus.com/bid/15345
https://exchange.xforce.ibmcloud.com/vulnerabilities/22999