2 matches found
CVE-2021-39249
creationtimestamp| type| source ---|---|--- 2021-08-18 02:16:15+00:00| seen| https://t.me/cibsecurity/27473...
CVE-2021-39249
Invision Community (IPS Community Suite / IP-Board) prior to 4.6.5.1 is affected by a reflected XSS vulnerability. The issue arises because uploaded file names are predictable via brute-force against PHP mt_rand, enabling an attacker to craft payloads that may be reflected. Affected product: Invi...