Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CNVD
CNVDadded 2021/01/06 12:0 a.m.1 views

IPS Community Suite Cross-Site Scripting Vulnerability

IPS Community Suite is an Internet community software produced mainly by Invision Power Services, which is written in PHP and uses MySQL as a database management system. Versions of IPS Community Suite prior to 4.5.4.2 are vulnerable to a cross-site scripting vulnerability during a quoted post or...

6.1CVSS6.2AI score0.00359EPSS
Exploits0References1
Hacker One
Hacker Oneadded 2019/04/08 12:34 a.m.9 views

Vanilla: Hidden Stored XSS in nested post embeds

Summary: Comments can be crafted in a way that when quoted will trigger a hidden stored XSS payload. Requires initial user interaction. Description: When quoting a comment, an attacker can edit the insert embed-external data url field to contain a string which when parsed, can result in the...

0.6AI score
Exploits0
Rows per page
Query Builder