CVE-2009-5159

CVE-2009-5159

EPSS 3.4%

Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://community.invisionpower.com/topic/300051-invision-power-board-305-released/https://packetstormsecurity.com/files/83624/Invision-Power-Board-3.0.4-Cross-Site-Scripting.html https://www.exploit-db.com/exploits/33394 https://www.securityfocus.com/bid/37263/info