SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
References
Link | Resource |
---|---|
https://github.com/livehelperchat/livehelperchat/commit/abc9599ee7aded466ca216741dcaea533c908111 | Patch Third Party Advisory |
https://huntr.dev/bounties/084387f6-5b9c-4017-baa2-5fcf65b051e1 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2022-04-04 21:15
Updated : 2022-04-13 11:39
NVD link : CVE-2022-1213
Mitre link : CVE-2022-1213
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
livehelperchat
- live_helper_chat