CVE-2006-1287

Sažetak

Cross-site scripting (XSS) vulnerability in Invision Power Board (IPB) 2.0.4 and 2.1.4 before 20060130 allows remote attackers to steal cookies and probably conduct other activities when the victim is using Internet Explorer.

Reference

http://forums.invisionpower.com/index.php?showtopic=206790
http://secunia.com/advisories/19141
http://www.vupen.com/english/advisories/2006/0861

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

08-03-2011 - 02:32

Objavljeno

19-03-2006 - 23:02