CVE-2005-0863

Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbitrary web script or HTML via (1) the chatter parameter to regulars.php or (2) the chatter, chatter1, chatter2, chatter3, or chatter4 parameters to register.php.

Published: May 2, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0863
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
phpopenchat / phpopenchat	3.0.2	3.0.2.x
phpopenchat / phpopenchat	3.0.0	3.0.0.x
phpopenchat / phpopenchat	3.0.1	3.0.1.x

http://seclists.org/lists/bugtraq/2005/Mar/0331.html
http://secunia.com/advisories/14651
http://www.securityfocus.com/bid/12841
https://exchange.xforce.ibmcloud.com/vulnerabilities/19748

Vulnerability Database

289,871

CVE-2005-0863