CVE-2024-10433 | Project Worlds Simple Web-Based Chat Application 1.0 /index.php Name/Comment cross site scripting

A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting.

This vulnerability is handled as CVE-2024-10433. The attack may be launched remotely. Furthermore, there is an exploit available.

The initial researcher advisory mentions different parameters to be affected which do not correlate with the screenshots of a successful attack.

CVE-2024-10433 | Project Worlds Simple Web-Based Chat Application 1.0 /index.php Name/Comment cross site scripting

Post correlati

CVE-2024-4173 | Brocade SANnav up to 2.3.0 Kafka access control

CVE-2024-33899 | Rarlab WinRAR up to 6.x on Linux/Unix ANSI Escape Sequence unknown vulnerability

CVE-2024-32332 | Totolink N300RT 2.1.8-B20201030.1539 Wireless Page cross site scripting

CVE-2024-37674 | Moodle 3.10 New Activity Field Name cross site scripting