PT-2022-17405 · Unknown · Simple Ajax Chat
Philippe Dourassov
·
Published
2022-03-25
·
Updated
2022-12-02
·
CVE-2022-25610
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Simple Ajax Chat versions <= 20220115
Description
The issue is related to Unauthenticated Stored Cross-Site Scripting (XSS), which allows an attacker to store malicious code. However, the attack requires specific conditions, making it hard to exploit.
Recommendations
For Simple Ajax Chat versions <= 20220115, update to a version newer than 20220115 to resolve the issue.
At the moment, there is no information about other specific fixes for this vulnerability.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simple Ajax Chat