418 matches found
CVE-2022-0387
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross site scripting
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross site scripting
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross-site Scripting (XSS)
livehelperchat is vulnerable to cross site scripting. The vulnerability exists due to a lack of validation in the Name field in the Admin themes of System configuration allowing an attacker to input maliciously crafted code...
CVE-2022-0370
CVE-2022-0370 is a Stored XSS vulnerability in the Packagist package remdex/livehelperchat before version 3.93. The issue arises from input that is stored and later rendered, enabling execution of malicious client-side scripts when users visit affected pages. Multiple connected sources describe t...
CVE-2022-0370 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0370 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0387
Stored Cross-site Scripting in livehelperchat (Packagist remdex/livehelperchat) prior to version 3.93. The vulnerability is caused by user-supplied input being stored and later executed in the client, with examples referencing a webhook NAME field payload. Exploitation and PoC details are present...
CVE-2022-0387 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0387 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Description Stored XSS is found in SettingsLive help configurationDepartments-Departments groups-edit When a user creates a new webhook under the NAME field and puts a payload constructor.constructor'alert1', the input gets stored, at user edit groupname , the payload gets executed. Proof of...
livehelperchat 跨站脚本漏洞
livehelperchat is a chat via a live helper that provides free live support on a website. A cross-site scripting vulnerability exists in livehelperchat that stems from the presence of xss in Packagist remdex livehelperchat prior to 3.93v. An attacker could exploit this vulnerability to execute...
livehelperchat 跨站脚本漏洞
livehelperchat is a chat via a live helper that provides free live support on a website. A cross-site scripting vulnerability exists in livehelperchat that stems from the presence of xss in Packagist remdex livehelperchat prior to 3.93v. An attacker could exploit this vulnerability to execute...
Cross-Site Request Forgery (CSRF) in livehelperchat
livehelperchat is vulnerable to Cross-Site Request Forgery CSRF...
GHSA-8M28-W6XG-35HW Cross-Site Request Forgery (CSRF) in livehelperchat
livehelperchat is vulnerable to Cross-Site Request Forgery CSRF...
GHSA-6JMH-9GQM-5XRX Cross-Site Request Forgery (CSRF) in livehelperchat
A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed...
Cross-Site Request Forgery (CSRF) in livehelperchat
A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed...
CVE-2022-0375
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0375
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0374
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...