RSS   Vulnerabilities for 'Live helper chat'   RSS

2022-04-29
 
CVE-2022-1530

CWE-79
 

 
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. Attacker can execute malicious JS on Application :)

 
2022-04-07
 
CVE-2022-0935

CWE-116
 

 
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.

 
2022-04-06
 
CVE-2022-1234

CWE-79
 

 

 
2022-04-05
 
CVE-2022-1235

CWE-916
 

 
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.

 
 
CVE-2022-1213

CWE-918
 

 
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191

 
2022-03-31
 
CVE-2022-1176

CWE-843
 

 
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.

 
 
CVE-2022-1191

CWE-918
 

 
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.

 
2022-02-16
 
CVE-2022-0612

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

 
2022-02-06
 
CVE-2022-0502

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

 
2022-01-28
 
CVE-2022-0395

CWE-79
 

 
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

 


Copyright 2022, cxsecurity.com

 

Back to Top