Vulnerability CVE-2014-3149

Vulnerability CVE-2014-3149

Published: 2014-07-03

Description:

	Topic	Author	Date
Low	IP.Board 3.4.x / 3.3.x Cross Site Scripting	Christian	03.07.2014

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
Invisionpower -> Invision power board
Invisionpower -> Ip.nexus

http://community.invisionpower.com/topic/399747-ipboard-33x-34x-security-update

http://packetstormsecurity.com/files/127328/IP.Board-3.4.x-3.3.x-Cross-Site-Scripting.html

http://www.christian-schneider.net/advisories/CVE-2014-3149.txt

http://www.securityfocus.com/archive/1/532618/100/0/threaded

http://www.securityfocus.com/bid/67164