Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in NatterChat 1.12 allow remote attackers to inject arbitrary web script or HTML via the (1) txtUsername parameter to registerDo.asp, as invoked from register.asp, or (2) txtRoomName parameter to room_new.asp. NOTE: these issues might be resultant from XSS in SQL error messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NatterChat 多个跨站脚本攻击漏洞
Vulnerability Description
NatterChat是一款国外的文本聊天室程序,支持access和mssql。 NatterChat 1.12版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助(1)到registerDo.asp的txt用户名参数(从register.asp中被调用)或(2)到room_new.asp的txtRoomName参数,注入任意的web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A