I installed PJIRC on one of my SMF forums (which points to a well-known public IRC server) but it's never been very popular with users as we found the interface to be extremely limiting as you have an entry window of one line high that doesn't scroll — when you reach the line end it empties (as you carry on typing). I find this quite disconcerting if I want to write a decent sentence as there's no back-checking before committing a send, but ymmv?
I didn't know about a security hole in FlashChat (and yes it is from Tufat), but there is a newer beta version out now (that I just downloaded) — I didn't check the changelog but here's
the link. There are changes showing security updates and I'm also running Mod_Security, so I await any further comments with interest ...