PT-2019-18961 · Invision Power · Invision Power Board

Igor Sak-Sakovskiy

+1

·

Publicado

2019-03-02

·

Atualizado

2019-03-07

·

CVE-2019-8278

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Invision Power Board versions 3.3.1 through 3.4.8
Description The issue is related to Stored XSS, which can lead to Remote Code Execution.
Recommendations For Invision Power Board versions 3.3.1 through 3.4.8, update to a version that contains a fix for this issue.

Exploit

Correção

RCE

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-8278

Produtos afetados

Invision Power Board