cbcvebase.

Livehelperchat Live Helper Chat vulnerabilities

37 known vulnerabilities affecting livehelperchat/live_helper_chat.

Total CVEs
37
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM30

Vulnerabilities

Page 2 of 2
CVE-2020-26134P4MEDIUMCVSS 6.1fixed in 3.442020-10-02
CVE-2020-26134 [MEDIUM] CWE-79 CVE-2020-26134: Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode. Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
nvd
CVE-2022-1530P4MEDIUMCVSS 6.1fixed in 3.992022-04-29
CVE-2022-1530 [MEDIUM] CWE-79 CVE-2022-1530: Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The at Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.
nvd
CVE-2022-0374P4MEDIUMCVSS 5.4fixed in 3.932022-01-26
CVE-2022-0374 [MEDIUM] CWE-79 CVE-2022-0374: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2022-0395P4MEDIUMCVSS 5.4fixed in 3.932022-01-28
CVE-2022-0395 [MEDIUM] CWE-79 CVE-2022-0395: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2022-0502P4MEDIUMCVSS 5.4≤ 3.922022-02-06
CVE-2022-0502 [MEDIUM] CWE-79 CVE-2022-0502: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2022-0612P4MEDIUMCVSS 5.4≤ 3.922022-02-16
CVE-2022-0612 [MEDIUM] CWE-79 CVE-2022-0612: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2022-0394P4MEDIUMCVSS 5.4fixed in 3.932022-01-28
CVE-2022-0394 [MEDIUM] CWE-79 CVE-2022-0394: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2020-26135P4MEDIUMCVSS 6.1fixed in 3.442020-10-02
CVE-2020-26135 [MEDIUM] CWE-79 CVE-2020-26135: Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO. Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
nvd
CVE-2021-4176P4MEDIUMCVSS 6.1fixed in 3.912021-12-29
CVE-2021-4176 [MEDIUM] CWE-79 CVE-2021-4176: livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross- livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2021-4132P4MEDIUMCVSS 5.4≤ 3.902021-12-17
CVE-2021-4132 [MEDIUM] CWE-79 CVE-2021-4132: livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross- livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2021-4175P4MEDIUMCVSS 5.4fixed in 3.912021-12-29
CVE-2021-4175 [MEDIUM] CWE-79 CVE-2021-4175: livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross- livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2021-4179P4MEDIUMCVSS 5.4fixed in 3.912021-12-28
CVE-2021-4179 [MEDIUM] CWE-79 CVE-2021-4179: livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross- livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
nvd
CVE-2017-1000059P4MEDIUMCVSS 6.1≤ 2.062017-07-17
CVE-2017-1000059 [MEDIUM] CWE-79 CVE-2017-1000059: Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header ha Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users.
nvd
CVE-2021-4177P4MEDIUMCVSS 5.3fixed in 3.912021-12-28
CVE-2021-4177 [MEDIUM] CWE-209 CVE-2021-4177: livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
nvd
CVE-2022-0083P4MEDIUMCVSS 5.3fixed in 3.912022-01-04
CVE-2022-0083 [MEDIUM] CWE-209 CVE-2022-0083: livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
nvd
CVE-2022-0375P4MEDIUMCVSS 4.8fixed in 3.932022-01-26
CVE-2022-0375 [MEDIUM] CWE-79 CVE-2022-0375: Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v. Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
nvd
CVE-2022-0226P4MEDIUMCVSS 4.3fixed in 2.02022-01-14
CVE-2022-0226 [MEDIUM] CWE-352 CVE-2022-0226: livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
nvd
Livehelperchat Live Helper Chat vulnerabilities | cvebase