Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the avatar parameter in register.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x7 group x7 chat 2.0.2 |