2 matches found
CVE-2020-29477
CVE-2020-29477 affects Invision Community 4.5.4, with a stored cross-site scripting in the Field Name field. The vulnerability allows an attacker to inject an XSS payload that triggers when users view the field, potentially enabling cookie theft depending on the payload. Public references include...
Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting
Exploit Title: Invision Community 4.5.4 - 'Field Name' Stored Cross-Site Scripting Date: 02-12-2020 Exploit Author: Hemant Patidar HemantSolo Vendor Homepage: https://invisioncommunity.com/ Software Link: https://invisioncommunity.com/buy Version: 4.5.4 Tested on: Windows 10/Kali Linux CVE:...