Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web chat vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2013-0553
The client implementation in IBM Sametime 8.5.1 up to and including 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to ...
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.2.0
Ibm Lotus Sametime 8.5.1.1
Ibm Lotus Sametime 8.5.1
NA
CVE-2024-0898
The Chat Bubble – Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.3 due to insufficient input sanitization and ou...
445
VMScore
CVE-2018-18819
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and previous versions, and 8.0 (8.0.0.40) up to and including 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and previous versions, and 8.0 (8.0.0.40...
Mitel Mivoice Business Express
Mitel Micollab
383
VMScore
CVE-2006-3345
Cross-site scripting (XSS) vulnerability in AliPAGER, possibly 1.5 and previous versions, allows remote malicious users to inject arbitrary web script or HTML via a chat line.
Ajax Softwares Alipager
383
VMScore
CVE-2012-3308
Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 up to and including 8.5.2.1 allows remote malicious users to inject arbitrary web script or HTML via an IM chat.
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.0.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.2.1
312
VMScore
CVE-2022-21649
Convos is an open source multi-user chat that runs in a web browser. Characters starting with "https://" in the chat window create an <a> tag. Stored XSS vulnerability using onfocus and autofocus occurs because escaping exists for "<" or ">&qu...
Convos Convos
NA
CVE-2023-37259
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. The Export Chat feature includes certain attacker-controlled elements in the generated document without sufficient escaping, leading to stored Cross site scripting (XSS). Since the Expo...
Matrix-react-sdk Project Matrix-react-sdk
Matrix-react-sdk Project Matrix-react-sdk 3.76.0
383
VMScore
CVE-2017-0110
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Outlook Web Access (OWA) allows remote malicious users to inject arbitrary web script or HTML via a crafted email or chat client, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability."
Microsoft Exchange Server 2013
NA
CVE-2023-45696
Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client. By default, this allows user entered data to be stored by the browser.
NA
CVE-2022-31455
* A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box.
Truedesk Truedesk 1.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »