Vulnerabilities > Livehelperchat > Live Helper Chat

DATE CVE VULNERABILITY TITLE RISK
2021-12-28 CVE-2021-4177 Information Exposure Through an Error Message vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
network
low complexity
livehelperchat CWE-209
5.0
2021-12-26 CVE-2021-4169 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
4.3
2021-12-18 CVE-2021-4131 Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
6.8
2021-12-17 CVE-2021-4132 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
3.5
2021-12-16 CVE-2021-4123 Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
4.3
2021-12-08 CVE-2021-4050 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
4.3
2021-12-07 CVE-2021-4049 Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
4.3
2020-10-02 CVE-2020-26135 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
4.3
2020-10-02 CVE-2020-26134 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
4.3
2017-07-17 CVE-2017-1000059 Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat
Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header handling resulting in the execution of any user provided Javascript code in the session of other users.
4.3