CVE-2004-0678

12Planet Chat Server 2.9 - XSS

Title source: llm

Description

Cross-site scripting (XSS) in one2planet.infolet.InfoServlet in 12Planet Chat Server 2.9 allows remote attackers to execute arbitrary script as other users via the page parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Donato Ferrante · textremotemultiple

https://www.exploit-db.com/exploits/24253

View Code ZIP pw:eip

References (4)

[Mailing List] http://marc.info/?l=bugtraq&m=108904648728706&w=2

[Broken Link] http://www.autistici.org/fdonato/advisory/12PlanetChatServer2.9-adv.txt

[Third Party Advisory] http://www.securityfocus.com/bid/10659

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/16605

Scores

EPSS 0.0064

EPSS Percentile 70.2%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

12planet/chat_server

Timeline

Published Aug 06, 2004

Tracked Since Feb 18, 2026