CVE-2004-0359

Published: Nov 23, 2004Modified: Apr 16, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in index.php for Invision Power Board 1.3 final allows remote attackers to execute arbitrary script as other users via the (1) c, (2) f, (3) showtopic, (4) showuser, or (5) username parameters.

Affected (2)

Products: Invision Power Services: Invision Board

Invision Power Services

1 product

Invision Board

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Invision Power Services Invision Board	Version 1.3.1_final
Invision Power Services Invision Board	Version 1.3_final

References (10)

http://marc.info/?l=bugtraq&m=107851589701916&w=2

Source: cve@mitre.org

http://secunia.com/advisories/11053

Source: cve@mitre.org

ExploitVendor Advisory

http://www.osvdb.org/4154

Source: cve@mitre.org

http://www.securityfocus.com/bid/9768

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/15403

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107851589701916&w=2