CVE-2006-5204
The CVE-2006-5204 issue affects Invision Power Board (IPB) 2.1.7 and earlier, where a cross-site scripting (XSS) flaw in action_admin/member.php can be triggered via the avatar setting. This enables remote authenticated users to inject arbitrary script/HTML, and the description also notes a poten...