Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x prior to 4.0.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the event_location[address] array parameter to calendar/submit/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
invisionpower invision power board 4.0.2 |
||
invisionpower invision power board 4.0.3 |
||
invisionpower invision power board 4.0.4 |
||
invisionpower invision power board 4.0.5.1 |
||
invisionpower invision power board 4.0.9.2 |
||
invisionpower invision power board 4.0.10.2 |
||
invisionpower invision power board 4.0.11 |
||
invisionpower invision power board 4.0.12 |
||
invisionpower invision power board 4.0.0 |
||
invisionpower invision power board 4.0.7 |
||
invisionpower invision power board 4.0.8.1 |
||
invisionpower invision power board 4.0.1 |
||
invisionpower invision power board 4.0.6.1 |
||
invisionpower invision power board 4.0.8 |