LY Corporation: Bot setting information leakage in OpenChat room

Due to the bug in the authority verification process, it could be possible for the non-admin users to see settings details for Line OpenChat Admin Bot, such as saved scheduled messages and auto-responses...

LY Corporation: LINE Profile ID leaks in OpenChat

Users can participate in OpenChat using a new OpenChat profile that is distinct from the LINE profile. However, when the victim attaches an image in a post in OpenChat's Note, the ID of LINE Profile was stored together in the image's metadata. From this information, it is possible to determine th...

PHPOPENCHAT 3.0.2 Cross Site Scripting AND/OR FPD

No description provided by source. The PoC: 1.- Preview This web APP is Vulnerable to xss in its instalation file but you can misconfigurate all the code with this bug also, you must see to understand... 2.- Vulnerable Code function databasesetup if isset$POST'formdata' $host = string...