CVE-2025-48933 | Invision Community up to 4.7.20/5.0.7 oauth/callback/index.php state cross site scripting

A vulnerability was found in Invision Community up to 4.7.20/5.0.7. It has been rated as problematic. This issue affects some unknown processing of the file oauth/callback/index.php. The manipulation of the argument state leads to cross site scripting.

The identification of this vulnerability is CVE-2025-48933. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More