CVE-2007-2349 Information

Description

Cross-site scripting (XSS) vulnerability in Invision Power Board (IP.Board) 2.1.x and 2.2.x allows remote attackers to inject arbitrary web script or HTML by uploading crafted images or PDF files.

Reference

http://forums.invisionpower.com/index.php?showtopic=234377 http://osvdb.org/35427 http://secunia.com/advisories/25021 http://www.vupen.com/english/advisories/2007/1558 https://exchange.xforce.ibmcloud.com/vulnerabilities/33942