Information from Let's PHP!

Vulnerability ID:JVN#35845584
Title:Frame high-speed chat vulnerable to cross-site scripting
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.