Vulnerabilities > CVE-2007-0807 - HTML Injection vulnerability in Darrens 5-Dollar Script Archive Flashchat 4.7.8
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
darrens-5-dollar-script-archive
Summary
Cross-site scripting (XSS) vulnerability in info.php in flashChat 4.7.8 allows remote attackers to inject arbitrary web script or HTML via a channel title (aka room name) that is not properly handled by the "who's online" feature.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |