VULHUB ™

It may be possible to inject hostile HTML script code into Invision Board by using overlapping IBF formatting tags. This could cause the hostile code to be interpreted in the context of the site hosting the software. Any input fields which support inclusion of IBF code may be prone to this issue. It should be noted that it may not be possible to inject arbitrary HTML into Invision Board but it is more likely that this could be exploited to spoof or manipulate links or include other abusive content.

It may be possible to inject hostile HTML script code into Invision Board by using overlapping IBF formatting tags. This could cause the hostile code to be interpreted in the context of the site hosting the software. Any input fields which support inclusion of IBF code may be prone to this issue. It should be noted that it may not be possible to inject arbitrary HTML into Invision Board but it is more likely that this could be exploited to spoof or manipulate links or include other abusive content.