CVE-2023-30322

Name of the Vulnerable Software and Affected Versions Payatu ChatEngine version 1.0

Description The issue is related to a Cross Site Scripting (XSS) vulnerability in the username field, located in the /src/chatbotapp/chatWindow.java file. This vulnerability allows attackers to execute arbitrary code.

Recommendations For Payatu ChatEngine version 1.0, consider disabling the username field in the chatWindow.java file as a temporary workaround until a patch is available. Restrict access to the chatWindow.java file to minimize the risk of exploitation. Avoid using the username field in the affected API endpoint until the issue is resolved.