Invision Power Board Unspecified HTML Injection Vulnerability

Invision Power Board Unspecified HTML Injection Vulnerability

Invision Power Board is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may exploit the HTML-injection issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, control how the site is displayed, and launch other attacks.