X XMAN Active member Joined Jul 12, 2021 Messages 19,642 Reaction score 71 Points 38 Aug 18, 2021 #1 CVE-2021-39249 Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function. Date Record Created
CVE-2021-39249 Invision Community (aka IPS Community Suite or IP-Board) before 4.6.5.1 allows reflected XSS because the filenames of uploaded files become predictable through a brute-force attack against the PHP mt_rand function. Date Record Created