CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2279

Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.1%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2004-03/0082.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15448
http://archives.neohapsis.com/archives/bugtraq/2004-03/0082.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/15448

Products affected by CVE-2004-2279

Invision Power Services » Invision Power Board » Version: 1.3_final

cpe:2.3:a:invision_power_services:invision_power_board:1.3_final

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2279

Products

Pricing

Contact Us