CVE-2011-5297
TTChat 1.0.4 is affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML via (1) the msg parameter to default.php and (2) the username parameter to chat_form.php. The connected sources confirm these particular vectors but d...