CVE-2014-125089
CVE-2014-125089 affects cention-chatserver 3.8.0-rc1. The vulnerability lies in the function _formatBody of lib/InternalChatProtocol.fe, where manipulation of the body parameter enables cross-site scripting. Exploitation is described as remote. A fix is available in version 3.9, with the patch id...