2021-02-23 02:15:00 2021-02-26 23:07:00

Chatbox is affected by cross-site scripting (XSS). An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE