huntr | Khanhchauminh | 34F2AA30-DE7F-432A-8749-B43D2774140F
Feb 05, 2022 - 9:39 a.m.

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

2022-02-05 09:39:44
khanhchauminh
www.huntr.dev

EPSS: 0.001 (percentile: 21.4%)

Description

LiveHelperChat is vulnerable to Stored XSS at the Message field in the Personal canned message tab of the User account page.

Payload

{{constructor.constructor('alert(1)')()}}

Steps to reproduce

1. Log in, then go to the User account page (https://demo.livehelperchat.com/site_admin/user/account)
2. Switch to the Personal canned message tab
3. Under Personal canned message, enter a Title, then in the Message field, input the payload {{constructor.constructor('alert(1)')()}}
4. Click the Save button; the XSS popup is then displayed.


You can also copy the link to that message by clicking on the Edit message button. Every time someone browses to that link, the XSS popup is triggered.
The vulnerable link looks like this:
https://demo.livehelperchat.com/site_admin/user/account/(msg)/7/(tab)/canned

Impact

This vulnerability can be used to deface websites, compromise user accounts, and run malicious code on web pages, which can lead to a compromise of the user's device.
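The payload in this report contains no HTML tags, so the following added example (not code from the report or from Live Helper Chat) shows why HTML-escaping a stored value does not neutralize it, and one way to render it inertly. It assumes the page is compiled by an AngularJS-style `{{ }}` template engine, as the payload's syntax indicates; the function names are hypothetical.

```javascript
// Added example: function names are hypothetical, not Live Helper Chat code.
const PAYLOAD = "{{constructor.constructor('alert(1)')()}}"; // payload from the report

// Standard HTML escaping, as a server-side template would apply it.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// What the HTML parser hands to the DOM, and so to the client-side template
// compiler, for a text node: the entities are decoded again.
function textNodeValue(html) {
  const map = { "&amp;": "&", "&lt;": "<", "&gt;": ">", "&quot;": '"', "&#39;": "'" };
  return html.replace(/&(?:amp|lt|gt|quot|#39);/g, (e) => map[e]);
}

// True if the text still carries a {{ ... }} interpolation expression.
function hasInterpolation(text) {
  return /\{\{[\s\S]*?\}\}/.test(text);
}

// Mitigation: escape for HTML (so the value cannot close the wrapper) and mark
// the container ng-non-bindable so AngularJS skips compiling its contents.
function renderUserText(value) {
  return "<span ng-non-bindable>" + escapeHtml(value) + "</span>";
}

function demo() {
  const escapedOnly = escapeHtml(PAYLOAD);
  return {
    escapedOnly,
    // Escaping alone: the expression survives into the text node.
    stillInterpolated: hasInterpolation(textNodeValue(escapedOnly)),
    hardened: renderUserText(PAYLOAD),
  };
}

console.log(demo());
```

The same flag (`hasInterpolation`) can be run over already-stored canned messages to find values that would be evaluated on render.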
