Cross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.
https://payatu.com/advisory/cross-site-scripting-xxs-vulnerability-in-wliang6-chatengine/