Lucene search
K

85 matches found

Positive Technologies
Positive Technologies
added 2022/01/19 12:0 a.m.3 views

PT-2022-13081 · Remdex · Livehelperchat

Name of the Vulnerable Software and Affected Versions: remdex/livehelperchat versions prior to 3.92v Description: The issue is related to an authorization bypass through a user-controlled key. This allows unauthorized access, potentially leading to security breaches. The estimated number of...

6.6CVSS6.3AI score0.01086EPSS
Exploits1References8
Veracode
Veracode
added 2021/12/29 3:51 a.m.15 views

Information Disclosure

remdex/livehelperchat is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization in error message generation, allowing an attacker to check the particular file existence in the system...

5.3CVSS2.4AI score0.00924EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2021/12/20 4:18 a.m.15 views

Cross-Site Scripting (XSS)

remdex/livehelperchat is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization of user input in user profile setting which allows an attacker to inject malicious scripts during Web Page Generation...

5.4CVSS2.4AI score0.00634EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2021/12/20 4:8 a.m.17 views

Cross-Site Request Forgery (CSRF)

remdex/livehelperchat is vulnerable to Cross-Site Request Forgery CSRF. A remote attacker is able to trick admin user to clear the system cache which allows an attacker to execute the lead action without CSRF token check...

8.8CVSS4.3AI score0.00539EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/12/10 8:26 p.m.14 views

GHSA-H86J-6H6M-QJQW Cross-Site Request Forgery in remdex/livehelperchat

An attacker is able to log out a user if a logged-in user visits the attacker's website. While this cannot harm a user's account, it can be a great annoyance and is a valid CSRF...

6.5CVSS6.3AI score0.00427EPSS
Exploits1References4
Rows per page
Query Builder