Vulnerabilities > Livehelperchat > Live Helper Chat > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-29 | CVE-2022-1530 | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. | 4.3 |
2022-04-07 | CVE-2022-0935 | Improper Encoding or Escaping of Output vulnerability in Livehelperchat Live Helper Chat Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. | 6.8 |
2022-04-06 | CVE-2022-1234 | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. | 6.1 |
2022-04-05 | CVE-2022-1235 | Use of Password Hash With Insufficient Computational Effort vulnerability in Livehelperchat Live Helper Chat Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96. | 6.4 |
2022-04-05 | CVE-2022-1213 | Server-Side Request Forgery (SSRF) vulnerability in Livehelperchat Live Helper Chat SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. | 5.5 |
2022-03-31 | CVE-2022-1176 | Type Confusion vulnerability in Livehelperchat Live Helper Chat Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96. | 5.0 |
2022-03-31 | CVE-2022-1191 | Server-Side Request Forgery (SSRF) vulnerability in Livehelperchat Live Helper Chat SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96. | 5.5 |
2022-01-19 | CVE-2022-0266 | Authorization Bypass Through User-Controlled Key vulnerability in Livehelperchat Live Helper Chat Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v. | 6.0 |
2022-01-14 | CVE-2022-0226 | Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
2022-01-14 | CVE-2022-0231 | Cross-Site Request Forgery (CSRF) vulnerability in Livehelperchat Live Helper Chat livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |