CVE-2008-0913

Invision Power Services Invision Power Board - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB or IP.Board) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via crafted BBCodes in an unspecified context.

References (2)

[Patch] http://forums.invisionpower.com/index.php?showtopic=269961

[Vendor Advisory] http://secunia.com/advisories/29055

Scores

EPSS 0.0022

EPSS Percentile 45.1%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

invision_power_services/invision_power_board

Timeline

Published Feb 22, 2008

Tracked Since Feb 18, 2026