Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote malicious users to inject arbitrary web script or HTML via the (1) adsess, (2) name, and (3) description parameters in admin.php, and the (4) ACP Notes, (5) Member Name, (6) Password, (7) Email Address, (8) Components, and multiple other input fields.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision board 2.1 |