Summary
123 Flash Chat is prone to multiple security vulnerabilities. These vulnerabilities include a cross-site scripting vulnerability, multiple information-disclosure vulnerabilities, and a directory-traversal vulnerability.
An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, obtain sensitive information, or perform unauthorized actions. Other attacks are also possible.
123 Flash Chat 7.8 is vulnerable
other versions may also be affected.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
- Advanced Image Hosting Cross Site Scripting Vulnerability
- Apache Struts2/XWork Remote Command Execution Vulnerability