CVE-2008-6565

EPSS 0.15%
Veröffentlicht 31.03.2009 17:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Invision Power Services ≫ Invision Power Board Version <= 2.3.1

Invision Power Services ≫ Invision Power Board Version1.0

Invision Power Services ≫ Invision Power Board Version1.0.1

Invision Power Services ≫ Invision Power Board Version1.0.3

Invision Power Services ≫ Invision Power Board Version1.1.1

Invision Power Services ≫ Invision Power Board Version1.1.2

Invision Power Services ≫ Invision Power Board Version1.2

Invision Power Services ≫ Invision Power Board Version1.3

Invision Power Services ≫ Invision Power Board Version1.3.1_final

Invision Power Services ≫ Invision Power Board Version1.3_final

Invision Power Services ≫ Invision Power Board Version2.0

Invision Power Services ≫ Invision Power Board Version2.0.0

Invision Power Services ≫ Invision Power Board Version2.0.1

Invision Power Services ≫ Invision Power Board Version2.0.2

Invision Power Services ≫ Invision Power Board Version2.0.3

Invision Power Services ≫ Invision Power Board Version2.0.4

Invision Power Services ≫ Invision Power Board Version2.0.x

Invision Power Services ≫ Invision Power Board Version2.0_alpha3

Invision Power Services ≫ Invision Power Board Version2.0_pdr3

Invision Power Services ≫ Invision Power Board Version2.0_pf1

Invision Power Services ≫ Invision Power Board Version2.0_pf2

Invision Power Services ≫ Invision Power Board Version2.1

Invision Power Services ≫ Invision Power Board Version2.1.0

Invision Power Services ≫ Invision Power Board Version2.1.1

Invision Power Services ≫ Invision Power Board Version2.1.2

Invision Power Services ≫ Invision Power Board Version2.1.3

Invision Power Services ≫ Invision Power Board Version2.1.4

Invision Power Services ≫ Invision Power Board Version2.1.5

Invision Power Services ≫ Invision Power Board Version2.1.5_2006-03-08

Invision Power Services ≫ Invision Power Board Version2.1.5_2006-04-25

Invision Power Services ≫ Invision Power Board Version2.1.6

Invision Power Services ≫ Invision Power Board Version2.1.7

Invision Power Services ≫ Invision Power Board Version2.1.x

Invision Power Services ≫ Invision Power Board Version2.1_alpha2

Invision Power Services ≫ Invision Power Board Version2.1_beta2

Invision Power Services ≫ Invision Power Board Version2.1_beta3

Invision Power Services ≫ Invision Power Board Version2.1_beta4

Invision Power Services ≫ Invision Power Board Version2.1_beta5

Invision Power Services ≫ Invision Power Board Version2.1_rc1

Invision Power Services ≫ Invision Power Board Version2.2

Invision Power Services ≫ Invision Power Board Version2.2.1

Invision Power Services ≫ Invision Power Board Version2.2.2

Invision Power Services ≫ Invision Power Board Version2.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.318

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://www.securityfocus.com/archive/1/490115/100/0/threaded

http://www.securityfocus.com/bid/28466

https://exchange.xforce.ibmcloud.com/vulnerabilities/41502

https://nvd.nist.gov/vuln/detail/CVE-2008-6565

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-6565

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-6565

EUVD