CVE-2026-6159 | code-projects Simple ChatBox up to 1.0 Endpoint /chatbox/insert.php msg cross site scripting

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability labeled as problematic has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting.

This vulnerability is listed as CVE-2026-6159. The attack may be performed from remote. In addition, an exploit is available.

CVE-2026-6159 | code-projects Simple ChatBox up to 1.0 Endpoint /chatbox/insert.php msg cross site scripting

Post correlati

CVE-2026-24678 | FreeRDP up to 3.21.x ecam_channel_write use after free (GHSA-6gvg-29wx-6v7h)

CVE-2025-5369 | SourceCodester PHP Display Username After Login 1.0 /login.php sql injection

CVE-2023-28871 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0005)

CVE-2024-27622 | CMS Made Simple 2.2.19 User Defined Tags Module code injection