CVE-2026-6159

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions code-projects Simple ChatBox versions prior to 1.1

Description A cross site scripting issue exists in the Endpoint component within the file '/chatbox/insert.php'. A remote attacker can exploit this by manipulating the msg argument.

Recommendations Update to a version later than 1.0. As a temporary workaround, restrict access to the '/chatbox/insert.php' file or sanitize the msg argument to minimize the risk of exploitation.

Exploit

Fix

Code Injection

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-79

Related Identifiers

CVE-2026-6159

Affected Products

Simple Chatbox

CVE-2026-6159

Weakness Enumeration

Related Identifiers

Affected Products

References · 7