CVE-2023-30326 Information

Description

Cross Site Scripting (XSS) vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e allows attackers to execute arbitrary code.

Reference

https://payatu.com/advisory/cross-site-scripting-vulnerability-in-username-field-in-chatbox-functionality-in-chatengine-1-0/ https://github.com/wliang6/ChatEngine/blob/master/WebContent/WEB-INF/lib/chatbox.jsp#L12