Invision Power Board 2.1.4 allows remote malicious users to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision power board 2.1.4 |