3 matches found
CVE-2023-30095
CVE-2023-30095 affects TotalJS Messenger (commit b6cf1c9). It describes a stored XSS vulnerability in the channel description field, allowing an attacker to execute arbitrary web scripts or HTML in the context of the affected app. The vulnerability is evidenced across multiple sources, including ...
CVE-2023-30096
CVE-2023-30096 concerns a stored XSS in TotalJS Messenger (commit b6cf1c9). The vulnerability arises in the user information field, allowing an attacker to inject crafted payloads that execute arbitrary web scripts/HTML when processed by the vulnerable component. Reported impact is limited to cli...
CVE-2023-30097
CVE-2023-30097 concerns TotalJS messenger. The vulnerability is a stored cross-site scripting (XSS) issue in the messenger, exploitable via a crafted payload injected into the private task field (commit b6cf1c9). Affected software is TotalJS messenger; underlying cause is stored XSS; impact is ex...