pkg:Bitnami/livehelperchat

All known vulnerabilities

• HIGH8.8CVE-2022-0935Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.
  from 0, < 3.97.0
• HIGH8.8CVE-2022-1234XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97.
  from 0, < 3.97.0
• HIGH8.8CVE-2021-4131livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
  from 0, < 2.0.0
• HIGH8.7SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.
  from 0, < 3.96.0
• HIGH7.7Server side request forgery in LiveHelperChat
  from 0, < 3.97.0
• HIGH7.5Weak password hash in LiveHelperChat
  from 0, < 3.96.0
• HIGH7.5Type Confusion in LiveHelperChat
  from 0, < 3.96.0
• HIGH7.3User enumeration in livehelperchat
  from 0, < 3.91.0
• MEDIUM6.7Cross-site Scripting in livehelperchat
  from 0, < 3.92.0
• MEDIUM6.6livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  from 0, < 3.91.0
• MEDIUM6.6livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  from 0, < 3.91.0
• MEDIUM6.5Cross-site Scripting in livehelperchat
  from 0, < 3.93.0
• MEDIUM6.5Cross-site Scripting in livehelperchat
  from 0, < 3.93.0
• MEDIUM6.5Cross-Site Request Forgery (CSRF) in livehelperchat
  from 0, < 3.91.0
• MEDIUM6.5Authorization Bypass Through User-Controlled Key in LiveHelperChat
  from 0, < 3.92.0
• MEDIUM6.5livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
  from 0, < 2.0.0
• MEDIUM6.1Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
  from 0, < 3.44.0
• MEDIUM6.1Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
  from 0, < 3.44.0
• MEDIUM6.1An attacker can execute malicious javascript in Live Helper Chat
  from 0, < 3.99.0
• MEDIUM6.1Cross site scripting in remdex/livehelperchat
• MEDIUM5.4livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  from 0, < 3.90.0
• MEDIUM5.4livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  from 0, < 3.91.0
• MEDIUM5.4Cross-site Scripting in LiveHelperChat
  from 0, < 3.92.0
• MEDIUM5.4Cross-site Scripting in LiveHelperChat
  from 0, < 3.93.0
• MEDIUM5.4Cross-site Scripting in LiveHelperChat
  from 0, < 3.93.0
• MEDIUM5.4livehelperchat is vulnerable to Cross-site Scripting
  from 0, < 3.90.0
• MEDIUM4.3livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
  from 0, < 3.91.0
• MEDIUM4.3Cross-Site Request Forgery (CSRF) in livehelperchat
  from 0, < 2.0.0
• MEDIUM4.3Cross-Site Request Forgery in remdex/livehelperchat
  from 0, < 2.0.0