CVE-2022-0612

Description

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

How to fix CVE-2022-0612

To remediate CVE-2022-0612, upgrade the affected package to a fixed version below.

• Bitnami/livehelperchat—upgrade to 3.92.0 or later
• Packagist/remdex/livehelperchat—upgrade to 3.93 or later

Is CVE-2022-0612 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 3.92.0
• from 0, < 3.93

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-0612
• PATCHgithub.com/livehelperchat/livehelperchat
• WEBgithub.com/livehelperchat/livehelperchat/commit/4d4f1db1701f09177896a38e43fd0c693835f03b
• WEBhuntr.dev/bounties/eadcf7d2-a479-4901-abcc-1505d3f1b32f