CVE-2022-1191

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...

BIT-LIVEHELPERCHAT-2022-1191

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...

livehelperchat code issue vulnerability

livehelperchat is available via live helper chat, which provides free live support on the site. livehelperchat versions prior to 3.96 are vulnerable to a code issue stemming from SSRF on index.php/cobrowse/proxycss/. An attacker could exploit this vulnerability to cause the application to execute...

CVE-2022-1191

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96...

PT-2022-13704 · Unknown · Livehelperchat

Name of the Vulnerable Software and Affected Versions: livehelperchat/livehelperchat versions prior to 3.96 Description: The issue is related to a Server-Side Request Forgery SSRF in the index.php/cobrowse/proxycss/ endpoint of the livehelperchat/livehelperchat GitHub repository. This allows for...

SSRF on index.php/cobrowse/proxycss/

Description Live Helper Chat is vulnerable to SSRF on the /index.php/cobrowse/proxycss endpoint. It's possible to make internal requests and see the response as an authenticated user, it's also possible to make an request with any protocol using goppher://. Proof of Concept 1. Request...