418 matches found
CVE-2022-0374
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross site scripting
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0375 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0375 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0375
CVE-2022-0375 is a Stored XSS vulnerability in LiveHelperChat (Packagist remdex/livehelperchat) prior to 3.93, affecting the Name field in Admin themes under System configuration. The root cause is stored XSS that can deface sites or compromise user sessions when an attacker injects malicious pay...
CVE-2022-0374 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
CVE-2022-0374
CVE-2022-0374 corresponds to a Stored XSS in livehelperchat (Packagist remdex/livehelperchat) prior to version 3.93. The vulnerability arises from unsanitized user-supplied input that can be stored and later rendered, enabling script execution. Multiple connected records (OSV, NVD, CNVD, huntr, e...
CVE-2022-0374 Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Cross-site Scripting XSS - Stored in Packagist remdex/livehelperchat prior to 3.93v...
Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Description LiveHelperChat is vulnerable to Stored XSS at the Name field in the Admin themes of System configuration. Payload constructor.constructor'alert1' Steps to reproduce 1.Login then go to Setting - Live help configuration tab 2.Click on Admin themes in Visual settings for the admin sectio...
Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Description Stored XSS is found in ModuleFormsList of formsNew. Use payload constructor.constructor'alert1' while creating form, and you will see that the input gets stored, and every time the user visits, the payload gets executed. Proof of Concept Impact Through this vulnerability, an attacker ...
livehelperchat 跨站脚本漏洞
livehelperchat is a chat via a live helper that provides free live support on a website. A cross-site scripting vulnerability exists in livehelperchat, which stems from a lack of proper validation of client data by the WEB application in Packagist remdex/livehelperchat in 3.93. An attacker can...
PT-2022-13135 · Remdex · Livehelperchat
Name of the Vulnerable Software and Affected Versions: remdex/livehelperchat versions prior to 3.93v Description: The issue is related to Stored Cross-site Scripting XSS attacks. Specifically, Stored XSS attacks exist in the new form creation flow, where new forms can be given a title that will...
Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Description Stored XSS is found in SettingsLive help configurationPersonal Themestatic content. Under the NAME field put a payload constructor.constructor'alert1' while creating content, and you will see that the input gets stored, and every time the user visits, the payload gets executed. Proof ...
livehelperchat is vulnerable to Cross-site Scripting
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
GHSA-5R9V-8W62-R26J livehelperchat is vulnerable to Cross-site Scripting
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
GHSA-4XWW-6H7V-29JG User enumeration in livehelperchat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not...
User enumeration in livehelperchat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not...
GHSA-VXH4-X6GV-MPHF Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
Cross-Site Request Forgery CSRF in GitHub repository livehelperchat/livehelperchat...
Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
Cross-Site Request Forgery CSRF in GitHub repository livehelperchat/livehelperchat...
GHSA-C7FM-JX59-WJF6 Authorization Bypass Through User-Controlled Key in LiveHelperChat
Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v...