2 matches found
CVE-2006-2282
The CVE-2006-2282 entry describes an XSS vulnerability in X7 Chat 2.0.2 and earlier where a crafted javascript: URI in the avatar URL (likely related to the avatar parameter in register.php) allows remote attackers to inject arbitrary web script or HTML. Public details include a CVSS v2 base scor...
CVE-2006-2282
Cross-site scripting XSS vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php...