header-logo
Suggest Exploit
vendor:
ChitChat.NET
by:
SecurityFocus
8,8
CVSS
HIGH
HTML Injection
79
CWE
Product Name: ChitChat.NET
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Clickcess ChitChat.NET discussion forum software is vulnerable to HTML injection. This vulnerability allows a remote attacker to inject malicious HTML and script code into the website. This can lead to cookie-based credential theft.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in web pages.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8417/info

It has been reported that a html injection issue exists in the Clickcess ChitChat.NET discussion forum software. The vulnerability is reported to be present in the Name and Topic Title text boxes. The problem may allow a remote attacker to inject malicious HTML and script code into the website.

This vulerability may lead to cookie-based credential theft.

Name: <script>alert(Zone-h1)</script>

Navigation

Suggest Exploit

Services By CQR