Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.1.5 and previous versions prior to 20060308 allows remote malicious users to inject arbitrary web script or HTML via a Private Message (PM) in certain circumstances.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invision power services invision power board 2.1_alpha2 |
||
invision power services invision power board 2.1 |
||
invision power services invision power board 2.1.5 |