CVE-2023-30326

CVE-2023-30326 : XSS vulnerability in wliang6 ChatEngine, in the file /WebContent/WEB-INF/lib/chatbox.jsp (username field). The root cause is improper input handling in chatbox.jsp, enabling injection of scripts. Affected product: wliang6 ChatEngine (version 1.0 per CNNVD/CVE context). Impact per...

CVE-2023-30319

ChatEngine (Java web app) is affected by a cross-site scripting (XSS) vulnerability in the username field of /src/chatbotapp/LoginServlet.java, observed in commit fded8e710ad59f816867ad47d7fc4862f6502f3e. The issue allows arbitrary code execution as described in multiple sources referencing CVE-2...

ChatEngine 跨站脚本漏洞

ChatEngine is a Java web application by the individual developer Winnie Liang. A security vulnerability exists in ChatEngine v.1.0, which is caused by a cross-site scripting XSS vulnerability in the username field...

CVE-2023-30325

SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to gain sensitive information...

PT-2023-22630 · Unknown · Wliang6 Chatengine

Name of the Vulnerable Software and Affected Versions: wliang6 ChatEngine affected versions not specified Description: A Cross Site Scripting XSS issue exists in the textMessage field in /src/chatbotapp/chatWindow.java, allowing attackers to execute arbitrary code. This is due to a vulnerability ...

Payatu ChatEngine SQL注入漏洞

ChatEngine is a Java web application by Winnie Liang Personal Developer. A security vulnerability exists in Payatu ChatEngine version v.1.0, which originates from a SQL injection issue in /src/chatbotapp/chatWindow.java...

CVE-2023-30325

CVE-2023-30325 describes a SQL injection vulnerability in the Java-based ChatEngine v1.0, specifically via the textMessage parameter in /src/chatbotapp/chatWindow.java. The weakness allows an attacker to potentially exfiltrate sensitive data. Public sources consistently identify the affected comp...