A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting.
This vulnerability is handled as CVE-2024-10433. The attack may be launched remotely. Furthermore, there is an exploit available.
The initial researcher advisory mentions different parameters to be affected which do not correlate with the screenshots of a successful attack.