Chatengine Project Chatengine — known CVE vulnerabilities
Every CVE whose affected-product data names Chatengine Project Chatengine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-30319 — CVSS 9.6 (critical): Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit…
CVE-2023-30320 — CVSS 9.0 (critical): Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine commit…
CVE-2023-30321 — CVSS 9.0 (critical): Cross Site Scripting (XSS) vulnerability in textMessage field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit…
CVE-2023-30323 — CVSS 7.5 (high): SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers to gain…
CVE-2023-30325 — CVSS 7.5 (high): SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in wliang6 ChatEngine v.1.0, allows attackers to…
CVE-2023-30326 — CVSS 6.1 (medium): Cross Site Scripting (XSS) vulnerability in username field in /WebContent/WEB-INF/lib/chatbox.jsp in wliang6 ChatEngine commit…
CVE-2023-30322 — CVSS 5.4 (medium): Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu ChatEngine v.1.0, allows attackers…