CVE-2025-7951

Low CVSS 3.5

Overview

A vulnerability classified as problematic has been found in code-projects Public Chat Room 1.0. This affects an unknown part of the file /send_message.php. The manipulation of the argument chat_msg/your_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CWE: CWE-79 Published: 2025-07-22T03:15:28.827

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 3.5 (LOW)
Detected tags: xss (tag impact: MODERATE)

Recommended actions:

Apply context-aware output encoding.
Enable Content-Security-Policy and HttpOnly/SameSite cookies.

Overview

Recommended tools

Tags