cve-2008-6565
Vulnerability from cvelistv5
Published
2009-03-31 17:00
Modified
2024-08-07 11:34
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:34:47.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28466",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28466"
},
{
"name": "Invisionpowerboard-signature-xss(41502)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41502"
},
{
"name": "20080326 Invision Power Board \u003c=2.3.x iFrame Vuln",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490115/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "28466",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28466"
},
{
"name": "Invisionpowerboard-signature-xss(41502)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41502"
},
{
"name": "20080326 Invision Power Board \u003c=2.3.x iFrame Vuln",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490115/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28466"
},
{
"name": "Invisionpowerboard-signature-xss(41502)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41502"
},
{
"name": "20080326 Invision Power Board \u003c=2.3.x iFrame Vuln",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490115/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6565",
"datePublished": "2009-03-31T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T11:34:47.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2008-6565\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-03-31T17:30:00.467\",\"lastModified\":\"2024-11-21T00:56:51.830\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Invision Power Board v2.3.1 y anteriores, permite a atacantes remotos inyectar secuencias de comandos Web o HTML de su elecci\u00f3n a trav\u00e9s de una etiqueta IFRAME en la firma.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.3.1\",\"matchCriteriaId\":\"80F198C2-6AAD-482F-A95E-10505A69993C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19CF6BD7-04F2-4D69-8402-EC4B637EA083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F0C566E-2AC5-47A2-9246-2FBC87828690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B83740E-6C38-4BEB-84A2-6B0F01799DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29692429-A920-4BAD-9D79-D36EBE74EFB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D52AB16-A202-48B6-82C0-AD13EBCC7FCA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C498DCB3-3CC7-4334-BF61-F5DA43F4B90F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99A7875E-DAF0-46CD-AE30-246EB3FC6BB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3.1_final:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2103FBA-1B72-43FC-A1ED-28F8C7DA0EE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:1.3_final:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94FBF21B-CF52-41BB-BAF1-AF822586D28B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9AF155D-BDF6-4B5F-89BF-62CDE6FB48DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"615FFE8F-1EDA-4CE2-BC6F-E7348DAE37E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19B001F3-8A6E-423D-9382-AA696D193F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CDDB243-B03B-4DFE-9234-FD886EA80C50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7139AE38-8E5D-4D1D-A126-9CD10CE13E2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E24336F-BD4C-4596-8FFE-9D53AB802BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0.x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE478AB9-7ED4-4FDD-8990-CC4442CFA416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_alpha3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14F5777B-25A8-4D20-AD24-A639E315582F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pdr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FF0C787-BDC5-4154-809A-864DA3D4769D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23A69133-FF5A-457E-823F-64920A0DB9F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.0_pf2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23C37B74-6486-46A2-AC2C-C27786ED697E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C63DDA0-9B4C-4D3E-9633-82C330753ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB960ACC-74D4-4AFB-886C-11EB5180DFD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1BA6316-7E7E-4A6B-AA54-1846198D64BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA70C944-F70E-49F4-AA9C-D19148925C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CAF5259-D99A-45A1-8DD4-C6858B302272\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67ED0140-7137-4F8D-AEA1-53251D4D4273\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75723F84-9989-4195-9827-E3A6DF2ABA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-03-08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED5116FA-C532-42DF-ABBD-193AD7B799A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.5_2006-04-25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A90F21A-0FE7-456C-86FA-2F60542A7EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8BC2011-5D19-4AF2-BCCD-38A03D0175FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEEA453B-2359-4B20-A8EE-71B07B60EDB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1.x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEEA02AE-B0C9-4C37-8A0A-23351EBE58FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_alpha2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"232885C1-B578-4E6E-8472-FF47A17DF976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FFFBC9-F6F0-421C-BD8A-6F2F81C4E62F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CB7078D-61D2-4ED9-AC8E-2D4F350F0716\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EC2800F-3A8C-4B63-B754-D921DFF79496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_beta5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5C8BA41-7876-4738-A68A-2162E28A3AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.1_rc1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18BF761A-6459-42B0-BCB8-F735FBDD6139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05AF1F12-0E9C-478C-9DDA-356E5231A073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9826649-436F-4C05-A0DB-0C5D5CC42B61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D2431F4-91A3-42C0-985C-1A5DBE305E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:invision_power_services:invision_power_board:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE56D215-CECF-4FB2-9042-A0CA9FC1D3AD\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/archive/1/490115/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/28466\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41502\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/490115/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/28466\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41502\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.