Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked from register.asp, or (2) txtRoomName parameter to room_new.asp. NOTE: these issues might be resultant from XSS in SQL error messages.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-08-24T10:00:00

Updated: 2024-08-07T11:49:03.105Z

Reserved: 2009-08-23T00:00:00

Link: CVE-2008-7048

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-08-24T10:30:02.127

Modified: 2024-11-21T00:58:08.603

Link: CVE-2008-7048

cve-icon Redhat

No data.