EPSS
Percentile
39.7%
An attacker is able to log out a user if a logged-in user visits the attacker’s website. While this cannot harm a user’s account, it can be a great annoyance and is a valid CSRF.
github.com/livehelperchat/livehelperchat
github.com/livehelperchat/livehelperchat/commit/e7fe1aa6a087d4d21b2e8a0dadd2e08f42acbb57
huntr.dev/bounties/62408fa4-2c16-4fcd-8b34-41fcdccb779e
nvd.nist.gov/vuln/detail/CVE-2021-4049