53kf : Security Vulnerabilities, CVEs,
The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.
Max CVSS
4.3
EPSS Score
0.19%
Published
2009-01-22
Updated
2018-10-11
Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window.
Max CVSS
6.1
EPSS Score
0.10%
Published
2021-10-04
Updated
2021-10-08
2 vulnerabilities found