LiveHelperChat is vulnerable to Stored XSS at the Name field in theAdmin themesofSystem configuration.
{{constructor.constructor('alert(1)')()}}
1.Login then go to Setting ->Live help configuration tab
2.Click on Admin themes inVisual settings for the admin section
3.Click New button and input payload {{constructor.constructor('alert(1)')()}}
in theName field
4.Click Save button then go to that theme by clicking on that theme name in the list
This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the userβs device.