CVE-2022-0083
published 2022-01-04CVE-2022-0083: livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
PriorityP421medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.90%
55.1th percentile
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| livehelperchat | live_helper_chat | < 3.91 | 3.91 |
| livehelperchat | livehelperchat_livehelperchat | >= unspecified < 2.0 | 2.0 |
| remdex | livehelperchat | >= 0 < 3.91 | 3.91 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv3.07.3HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
User enumeration in livehelperchat
ghsa·2022-01-21
CVE-2022-0083 [MEDIUM] CWE-209 User enumeration in livehelperchat
User enumeration in livehelperchat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not.
OSV
User enumeration in livehelperchat
osv·2022-01-21
CVE-2022-0083 [MEDIUM] User enumeration in livehelperchat
User enumeration in livehelperchat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736
2022-01-04
Published