Description
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Woody Hughes · textwebappsphp
https://www.exploit-db.com/exploits/25267
References (1)
Core 1
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12888
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
Status
published
Products (15)
invision_power_services/invision_board
1.0
invision_power_services/invision_board
1.0.1
invision_power_services/invision_board
1.1.1
invision_power_services/invision_board
1.1.2
invision_power_services/invision_board
1.2
invision_power_services/invision_board
1.3
invision_power_services/invision_board
1.3.1_final
invision_power_services/invision_board
1.3_final
invision_power_services/invision_board
2.0
invision_power_services/invision_board
2.0.1
... and 5 more
Published
May 02, 2005
Tracked Since
Feb 18, 2026