Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0359

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2004-0359
Last Modified 05 Sep 2008 04:38:13
Published 23 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-0359

Summary

Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.

Vulnerable Systems

Application

  • Invision Power Services Invision Board 1.3 Final

  • Invision Power Services Invision Board 1.3.1 Final


References

XF - invision-xss(15403)

BID - 9768

OSVDB - 4154

SECUNIA - 11053

BUGTRAQ - 20040305 Invision Power Board v1.3 Final Cross Site Scripting Vulnerabillity


Last Updated: 27 May 2016 10:38:34