CVE-2022-0083
User enumeration in livehelperchat
7.3
HIGH
CVSS 3.1
EPSS 0.21%
Description
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. There is an observable discrepancy between errors generated for users that exist and those that do not.
How to fix CVE-2022-0083
To remediate CVE-2022-0083, upgrade the affected package to a fixed version below.
- Bitnami/livehelperchat—upgrade to 3.91.0 or later
- —upgrade to 3.91 or later
Is CVE-2022-0083 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 3.91.0
- from 0, < 3.91
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.3 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |