5.8
CVE-2007-2349
- EPSS 1.65%
- Veröffentlicht 30.04.2007 22:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:24
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote attackers to inject arbitrary web script or HTML by uploading crafted images or PDF files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Invision Power Services ≫ Invision Power Board Version2.1
Invision Power Services ≫ Invision Power Board Version2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.65% | 0.734 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
http://forums.invisionpower.com/index.php?showtopic=234377
http://osvdb.org/35427
http://secunia.com/advisories/25021
http://www.vupen.com/english/advisories/2007/1558
https://exchange.xforce.ibmcloud.com/vulnerabilities/33942