Cross site scripting

Cross-site scripting XSS vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...