Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Livehelperchat Subscribe
Filtered by product Live Helper Chat
Total 30 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1530 1 Livehelperchat 1 Live Helper Chat 2022-05-12 4.3 MEDIUM 6.1 MEDIUM
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.
CVE-2022-0935 1 Livehelperchat 1 Live Helper Chat 2022-04-14 6.8 MEDIUM 8.8 HIGH
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.
CVE-2022-1213 1 Livehelperchat 1 Live Helper Chat 2022-04-13 5.5 MEDIUM 8.1 HIGH
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191
CVE-2022-1235 1 Livehelperchat 1 Live Helper Chat 2022-04-13 6.4 MEDIUM 8.2 HIGH
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-1234 1 Livehelperchat 1 Live Helper Chat 2022-04-13 4.3 MEDIUM 6.1 MEDIUM
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.
CVE-2022-1176 1 Livehelperchat 1 Live Helper Chat 2022-04-07 5.0 MEDIUM 7.5 HIGH
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-1191 1 Livehelperchat 1 Live Helper Chat 2022-04-07 5.5 MEDIUM 8.1 HIGH
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.
CVE-2022-0394 1 Livehelperchat 1 Live Helper Chat 2022-03-04 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0395 1 Livehelperchat 1 Live Helper Chat 2022-03-01 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0612 1 Livehelperchat 1 Live Helper Chat 2022-02-23 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0502 1 Livehelperchat 1 Live Helper Chat 2022-02-10 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0374 1 Livehelperchat 1 Live Helper Chat 2022-02-01 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0375 1 Livehelperchat 1 Live Helper Chat 2022-02-01 3.5 LOW 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-0266 1 Livehelperchat 1 Live Helper Chat 2022-01-25 6.0 MEDIUM 6.6 MEDIUM
Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.
CVE-2022-0231 1 Livehelperchat 1 Live Helper Chat 2022-01-21 4.3 MEDIUM 6.5 MEDIUM
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2022-0226 1 Livehelperchat 1 Live Helper Chat 2022-01-20 4.3 MEDIUM 4.3 MEDIUM
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2022-0083 1 Livehelperchat 1 Live Helper Chat 2022-01-11 5.0 MEDIUM 5.3 MEDIUM
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
CVE-2021-4175 1 Livehelperchat 1 Live Helper Chat 2022-01-06 3.5 LOW 5.4 MEDIUM
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4176 1 Livehelperchat 1 Live Helper Chat 2022-01-06 4.3 MEDIUM 6.1 MEDIUM
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4179 1 Livehelperchat 1 Live Helper Chat 2022-01-06 3.5 LOW 5.4 MEDIUM
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')