CVE-2022-1213
CVE-2022-1213 describes an SSRF bypass in LiveHelperChat. Affected: the GitHub repo livehelperchat/livehelperchat prior to version 3.67 (as stated in multiple connected entries). The issue is related to bypassing CVE-2022-1191. Other entries corroborate SSRF in LiveHelperChat, but the documents d...
livehelperchat security vulnerability
livehelperchat is a live-helper chat application that provides free live support on a website. A security vulnerability exists in the GitHub repository livehelperchat/livehelperchat in versions prior to 3.96, which stems from the ability to force the use of a weak secrethash...
PT-2022-13717 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: LiveHelperChat versions prior to 3.67. Description: The issue allows an attacker to bypass the SSRF filter on ports 80 and 433, making the application perform arbitrary requests. Recommendations: For versions prior to 3.67, update to version...
livehelperchat code issue vulnerability
livehelperchat is a live-helper chat application that provides free live support on a website. A code issue vulnerability exists in the GitHub repository livehelperchat/livehelperchat in versions prior to 3.67, which attackers can exploit to make the application execute arbitrary requests...
XSS in livehelperchat
Description: LiveHelperChat is vulnerable to XSS in /cobrowse/checkmirrorchanges/: its response puts the url parameter into JSON content while the response content type is HTML. STEP 1: set the url in the following request: POST /cobrowse/storenodemap/hash/174QXubVQ2cHdPR5xt5vNLBWVRnRwNu6MBWHoxRs3/?url= HTTP/1.1...
livehelperchat code issue vulnerability
livehelperchat is a live-helper chat application that provides free live support on a website. livehelperchat versions prior to 3.96 are vulnerable to a code issue stemming from SSRF on index.php/cobrowse/proxycss/. An attacker could exploit this vulnerability to cause the application to execute...
GHSA-5CMW-FHQ9-8FHH Type Confusion in LiveHelperChat
Live Helper Chat provides live support for your website. Loose comparison causes IDOR on multiple endpoints in LiveHelperChat prior to 3.96. There is a fix released in versions 3.96 and 3.97. Currently, there is no known workaround...
Type Confusion in LiveHelperChat
Live Helper Chat provides live support for your website. Loose comparison causes IDOR on multiple endpoints in LiveHelperChat prior to 3.96. There is a fix released in versions 3.96 and 3.97. Currently, there is no known workaround...
CVE-2022-1176
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96...
Code injection
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1176 Loose comparison causes IDOR on multiple endpoints in livehelperchat/livehelperchat
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1176
LiveHelperChat CGI issue CVE-2022-1176 involves a loose comparison that enables Insecure Direct Object Reference (IDOR) across multiple endpoints in LiveHelperChat prior to version 3.96. Affected software: LiveHelperChat (web-based live support system). Root cause: loose comparison leading to IDO...
CVE-2022-1191
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...
Server side request forgery (ssrf)
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1191 SSRF on index.php/cobrowse/proxycss/ in livehelperchat/livehelperchat
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1191
CVE-2022-1191 affects LiveHelperChat (GitHub/LHS) with a Server-Side Request Forgery (SSRF) vulnerability via index.php/cobrowse/proxycss/ exposed before version 3.96. The issue enables the app to make arbitrary requests; remediation is to upgrade to 3.96 or later. Related OSV/GHSA entries corrob...
PT-2022-13692 · Unknown · Livehelperchat
Name of the Vulnerable Software and Affected Versions: LiveHelperChat versions prior to 3.96. Description: The issue is caused by a loose comparison, leading to an Insecure Direct Object Reference (IDOR) on multiple endpoints in the LiveHelperChat repository. LiveHelperChat is a live support system...