Vulnerability CVE-2017-8899


Published: 2017-05-11

Description:
Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Invisionpower -> Invision power board 

 References:
http://zeroday.insecurity.zone/exploits/ipb_owned.txt
https://twitter.com/insecurity/status/862154908895780864
https://twitter.com/sxcurity/status/862284967715381248

Copyright 2024, cxsecurity.com

 

Back to Top