CVE-2024-13019

Name of the Vulnerable Software and Affected Versions code-projects Chat System version 1.0

Description A vulnerability has been found in the code-projects Chat System. The issue affects an unknown function of the file /admin/update room.php of the component Chat Room Page. The manipulation of the name argument leads to cross-site scripting. It is possible to launch the attack remotely.

Recommendations For code-projects Chat System version 1.0, as a temporary workaround, consider restricting access to the /admin/update room.php endpoint until a patch is available. Avoid using the name argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.