418 matches found
CVE-2022-1234
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device...
Design/Logic Flaw
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device...
CVE-2022-1234 XSS in livehelperchat in livehelperchat/livehelperchat
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device...
CVE-2022-1234
CVE-2022-1234 is an XSS vulnerability affecting the LiveHelperChat project (livehelperchat/livehelperchat) prior to version 3.97. The issue is exposed in the GitHub repository and can be triggered by improper handling of input, potentially allowing an attacker to deface a website, hijack user acc...
Server side request forgery in LiveHelperChat
SSRF filter bypass port 80, 433 in LiveHelperChat prior to v3.67. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...
GHSA-HHR9-7XVH-8XGC Server side request forgery in LiveHelperChat
SSRF filter bypass port 80, 433 in LiveHelperChat prior to v3.67. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...
Weak password hash in LiveHelperChat
The secrethash, which the application relies on for multiple security measures, can be brute-forced. The hash is quite small, with only 10 characters of only hexadecimal, making 16^10 possibilities (1.099.511.627.776). The SHA1 of the secret can be obtained via a captcha string and brute-forced offli...
GHSA-VX8V-G3P3-88VG Weak password hash in LiveHelperChat
The secrethash, which the application relies on for multiple security measures, can be brute-forced. The hash is quite small, with only 10 characters of only hexadecimal, making 16^10 possibilities (1.099.511.627.776). The SHA1 of the secret can be obtained via a captcha string and brute-forced offli...
livehelperchat cross-site scripting vulnerability
livehelperchat is available via livehelperchat, which provides free live support on the website. livehelperchat versions prior to 3.97 are vulnerable to a cross-site scripting vulnerability that originates in the GitHub repository livehelperchat/livehelperchat in livehelperchat An XSS vulnerabili...
PT-2022-13734
Name of the Vulnerable Software and Affected Versions: livehelperchat versions prior to 3.97. Description: This issue has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device. It is being...
CVE-2022-1235
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...
Design/Logic Flaw
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1235 Weak secrethash can be brute-forced in livehelperchat/livehelperchat
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1213
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...
Server side request forgery (ssrf)
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...
CVE-2022-1213 SSRF filter bypass port 80, 433 in livehelperchat/livehelperchat
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...
CVE-2022-1213
CVE-2022-1213 describes an SSRF bypass in LiveHelperChat. Affected: the GitHub repo livehelperchat/livehelperchat prior to version 3.67 (as stated in multiple connected entries). The issue is related to bypassing CVE-2022-1191. Other entries corroborate SSRF in LiveHelperChat, but the documents d...