CVE-2007-0834

Properties

Published:
06.02.2007
Updated:
27.02.2008
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Product:
Darrens 5-Dollar Script Archive: FlashChat

Vulnerability description

Cross-site scripting (XSS) vulnerability in FlashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via the user name field when the user joins a chat room, a different vulnerability than CVE-2007-0807.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References:

SECUNIA: http://secunia.com/advisories/24071
XF: http://xforce.iss.net/xforce/xfdb/32417