CVE-2026-6159

code-projects Simple ChatBox Endpoint insert.php cross site scripting

Description

A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

INFO

Published Date :

2026-04-13T04:15:25.599Z

Last Modified :

2026-04-13T13:17:52.323Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2026-6159 vulnerability.

Vendors	Products
Code-projects	Simple Chatbox

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-6159.

URL	Resource
https://code-projects.org/
https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/Stored%20Cross-Site%20Scripting%20(XSS)%20in%20Simple%20Chatbox%20PHP%20msg%20Parameter.md
https://vuldb.com/submit/796666
https://vuldb.com/vuln/357039
https://vuldb.com/vuln/357039/cti

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact