Remdex Livehelperchat vulnerabilities
23 known vulnerabilities affecting remdex/livehelperchat.
Total CVEs
23
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM18LOW1
Vulnerabilities
Page 2 of 2
CVE-2022-0083P4MEDIUM≥ 0, < 3.912022-01-21
CVE-2022-0083 [MEDIUM] CWE-209 User enumeration in livehelperchat
User enumeration in livehelperchat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not.
ghsaosv
CVE-2022-0375P4MEDIUM≥ 0, < 3.932022-01-28
CVE-2022-0375 [MEDIUM] CWE-79 Cross-site Scripting in livehelperchat
Cross-site Scripting in livehelperchat
LiveHelperChat is vulnerable to Stored XSS at the Name field in the Admin themes of System configuration.
ghsaosv
CVE-2022-0226P4MEDIUM≥ 0, < 3.922022-01-26
CVE-2022-0226 [MEDIUM] CWE-352 Cross-Site Request Forgery (CSRF) in livehelperchat
Cross-Site Request Forgery (CSRF) in livehelperchat
A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed.
ghsaosv
← Previous2 / 2