Vulnerability Details CVE-2019-25613
Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the application by sending oversized data in the message parameter. Attackers can establish a session via the chat.ghp endpoint and then send a POST request to body2.ghp with an excessively large message parameter value to cause the service to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.0%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2019-25613
-
cpe:2.3:a:echatserver:easy_chat_server:3.1