CVE CVE-2021-39249 | Invision Community (IPS) before 4.6.5.1 allows reflected XSS

CVE - CVE-2021-39249 | Invision Community (IPS) before 4.6.5.1 allows reflected XSS - TheJavaSea Forum, Gaming Laptops & PCs Reviews, Linux Tutorials, Network Hacks, Hacking, Leaks, Proxies, Domains & Webhosting, Coding Tutorials, SEO Tips & Hacks, Security TIPS and much more.
Common Vulnerabilities and Exposures

Marks-Man

Administrator
Joined: Mar 15, 2021
Messages: 1,050
Resources: 405
Points: 113
Reaction score: 1,306
CVE-2021-39249 Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function.


Date Record Created
Assigning CNA
References
Description
Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MITRE Corporation
20210817Disclaimer: The record
 
  • Tags
    cve-2021-39249 invision community (ips) before 4.6.5.1 allows xss
  • Top