Vulnerability Details CVE-2011-2470
Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_message parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2011/06/02/1
- http://www.openwall.com/lists/oss-security/2011/06/02/7
- https://sourceforge.net/tracker/?func=detail&aid=3310673&group_id=32699&atid=406296
- http://www.openwall.com/lists/oss-security/2011/06/02/1
- http://www.openwall.com/lists/oss-security/2011/06/02/7
- https://sourceforge.net/tracker/?func=detail&aid=3310673&group_id=32699&atid=406296
Products affected by CVE-2011-2470
-
cpe:2.3:a:reallysimplechat:really_simple_chat:3.3