CVE-2023-30319

Published July 6th, 2023

View on NVD ↗

CVSS v3

9.6

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.

wliang6/ChatEngine

A JavaEE web application built using Eclipse plugins: Oracle Database Tools, Database Development, and Derby then deployed into Tomcat.

GitHub