CVE-2023-30320 Information

Description

Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e allows attackers to execute arbitrary code.

Reference

https://github.com/wliang6/ChatEngine/blob/master/src/chatbotapp/chatWindow.java#L71:L81 https://payatu.com/advisory/cross-site-scripting-xss-vulnerability-in-wliang6-chatengine-allows-attackers-execute-arbitrary-code/