Vulnerability Details CVE-2021-43633
Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
- https://medium.com/%40shaunwhorton/how-i-found-two-different-xss-vulnerabilities-a491144e8494
- https://www.sourcecodester.com/php/14996/messaging-web-application-phpoop-free-source-code.html
- https://medium.com/%40shaunwhorton/how-i-found-two-different-xss-vulnerabilities-a491144e8494
- https://www.sourcecodester.com/php/14996/messaging-web-application-phpoop-free-source-code.html
Products affected by CVE-2021-43633
-
cpe:2.3:a:messaging_web_application_project:messaging_web_application:1.0