53kf: Security Vulnerabilities
Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-10-04
The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.
CVSS Score
4.3
EPSS Score
0.003
Published
2009-01-22