Security Advisory

CVE-2021-39249

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-17 22:02:27

Last updated 2024-08-04 02:06:40

Assigner mitre

State PUBLISHED

Description

Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function.

← Browse all CVEs View on cve.org ↗