5 matches found
CVE-2018-20370
SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend...
SZ NetChat Options Module Cross-Site Scripting Vulnerability
SZ NetChat is an online chat application.Options module is one of the menu modules. A cross-site scripting vulnerability exists in the MyName input field of the Options module in SZ NetChat versions prior to 7.9, which can be exploited by a remote attacker to inject commands that could affect the...
Design/Logic Flaw
SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend...
CVE-2018-20370
SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend...
CVE-2018-20370
SZ NetChat before 7.9 is vulnerable to Cross-Site Scripting in the Options module (MyName input). The root cause is an XSS flaw in the MyName field, allowing a remote attacker to inject inputs that could compromise the enabled HTTP server web frontend. The public references consistently describe ...