Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2
CVE-2024-30162
- EPSS 0.38%
- Published 07.06.2024 17:15:50
- Last modified 21.11.2024 09:11:20
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\_toolbar::addPlugin() method. This method handles uploaded ZIP files that are extracted into the a...
4.8
CVE-2020-29477
- EPSS 0.17%
- Published 30.12.2020 15:15:12
- Last modified 21.11.2024 05:24:03
Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field Name field. This vulnerability can allow an attacker to inject the XSS payload in Field Name and each time any user will open that, the XSS triggers and the attacker can ...
1