VULHUB ™

WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the WebChat 'users.php' script. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users. Other attacks are also possible. This vulnerability was reported to affect WebChat version 2.0 other versions may also be affected.

WebChat has been reported prone to a cross-site scripting vulnerability. WebChat does not adequately filter script code from URI parameters, making it prone to cross-site scripting attacks. Attacker-supplied script code may be included in a malicious link to the WebChat 'users.php' script. This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users. Other attacks are also possible. This vulnerability was reported to affect WebChat version 2.0 other versions may also be affected.