CVE-2022-1234
published 2022-04-06CVE-2022-1234: XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in…
PriorityP426medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.71%
49.1th percentile
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| livehelperchat | live_helper_chat | < 3.97 | 3.97 |
| livehelperchat | livehelperchat_livehelperchat | >= unspecified < 3.97 | 3.97 |
| twisted | treq | >= 0 < 22.1.0 | 22.1.0 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
ghsa7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jmjp-h79x-9f5r: XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3
ghsa_unreviewed·2022-04-07
CVE-2022-1234 [MEDIUM] CWE-79 GHSA-jmjp-h79x-9f5r: XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3
XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.
GHSA
Unsafe handling of user-specified cookies in treq
ghsa·2022-02-01·CVSS 7.5
CVE-2022-23607 [HIGH] CWE-200 Unsafe handling of user-specified cookies in treq
Unsafe handling of user-specified cookies in treq
### Impact
Treq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary, for example:
```py
treq.get('https://example.com/', cookies={'session': '1234'})
```
Such cookies are not bound to a single domain, and are therefore sent to *every* domain ("supercookies"). This can potentially cause sensitive information to leak upon an HTTP redirect to a different domain., e.g. should `https://example.com` redirect to `http://cloudstorageprovider.com` the latter will receive the cookie `session`.
### Patches
Treq 2021.1.0 and later bind cookies given to request methods (`treq.request`, `treq.get`, `HTTPClient.request`, `HTTPClient.get`, etc.) to the origin of the *url* parameter.
No detection rules found.
No public exploits indexed.
https://github.com/livehelperchat/livehelperchat/commit/a09aa0d793818dc4cae78ac4bcfb557d4fd2a30dhttps://huntr.dev/bounties/0d235252-0882-4053-85c1-b41b94c814d4https://github.com/livehelperchat/livehelperchat/commit/a09aa0d793818dc4cae78ac4bcfb557d4fd2a30dhttps://huntr.dev/bounties/0d235252-0882-4053-85c1-b41b94c814d4
2022-04-06
Published