CVE-2011-2470

Reallysimplechat Really Simple Chat - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in chat/base/admin/login.php in A Really Simple Chat (ARSC) 3.3-rc2 allows remote attackers to inject arbitrary web script or HTML via the arsc_message parameter.

References (3)

[Exploit] http://www.openwall.com/lists/oss-security/2011/06/02/1

[Exploit] http://www.openwall.com/lists/oss-security/2011/06/02/7

[Product] https://sourceforge.net/tracker/?func=detail&aid=3310673&group_id=32699&atid=406296

Scores

EPSS 0.0025

EPSS Percentile 48.5%

Classification

CWE

CWE-79

Status published

Affected Products (2)

reallysimplechat/really_simple_chat

n/a/n/a

Timeline

Published Jun 29, 2011

Tracked Since Feb 18, 2026