Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.12 views

CVE-2026-44633

Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in a department they cannot read. The endpoint accepts arbitrary chat object fields, so the user can...

8.1CVSS5.6AI score0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 7:16 p.m.18 views

CVE-2026-44633

Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in a department they cannot read. The endpoint accepts arbitrary chat object fields, so the user can...

8.1CVSS0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/26 1:42 a.m.6 views

EUVD-2026-8815

Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints holdaction.php, blockuser.php, and transferchat.php load chat objects by ID without calling erLhcoreClassChat::hasAccessToRead, allowing operators t...

7.1CVSS5.4AI score0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 1:42 a.m.24 views

CVE-2026-27954

Live Helper Chat is affected up to version 4.52. The flaw arises in three chat action endpoints (holdaction.php, blockuser.php, transferchat.php) which load chat objects by ID without calling erLhcoreClassChat::hasAccessToRead(), enabling operators with holduse, allowblockusers, or allowtransfer ...

7.1CVSS5.4AI score0.0019EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/12/28 5:16 a.m.2 views

CVE-2025-15121

A vulnerability has been found in JeecgBoot up to 3.9.0. The affected element is the function getDeptRoleByUserId of the file /sys/sysDepartRole/getDeptRoleByUserId. Such manipulation of the argument departId leads to information disclosure. The vendor was contacted early about this disclosure bu...

4.9CVSS6.5AI score
Exploits0References4
Rows per page
Query Builder