CVE-2005-0886

Published: May 2, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP POST request.

Affected (15)

Products: Invision Power Services: Invision Board

Invision Power Services

1 product

Invision Board

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Invision Power Services Invision Board	Version 1.0.1
Invision Power Services Invision Board	Version 1.0
Invision Power Services Invision Board	Version 1.1.1
Invision Power Services Invision Board	Version 1.1.2
Invision Power Services Invision Board	Version 1.2
Invision Power Services Invision Board	Version 1.3.1_final
Invision Power Services Invision Board	Version 1.3
Invision Power Services Invision Board	Version 1.3_final
Invision Power Services Invision Board	Version 2.0.1
Invision Power Services Invision Board	Version 2.0.2
Invision Power Services Invision Board	Version 2.0
Invision Power Services Invision Board	Version 2.0_alpha_3
Invision Power Services Invision Board	Version 2.0_pdr3
Invision Power Services Invision Board	Version 2.0_pf1
Invision Power Services Invision Board	Version 2.0_pf2

References (2)

http://www.securityfocus.com/bid/12888

Source: cve@mitre.org

http://www.securityfocus.com/bid/12888

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.