PT-2021-22494 · Invision Power Services · Invision Community

Simon Scannell

Published

2021-08-17

Updated

2022-07-12

CVE-2021-39249

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Invision Community versions prior to 4.6.5.1

Description The issue allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt rand function. This predictability can be exploited to conduct reflected XSS attacks.

Recommendations For versions prior to 4.6.5.1, update to version 4.6.5.1 or later to resolve the issue. As a temporary workaround, consider restricting file uploads until the update is applied.

Exploit

Fix

Use of Insufficiently Random Values

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-330

Related Identifiers

CVE-2021-39249

Affected Products

Invision Community

PT-2021-22494 · Invision Power Services · Invision Community

CVE-2021-39249

Weakness Enumeration

Related Identifiers

Affected Products

References · 6