VYPR

Bitnami package

livehelperchat

pkg:bitnami/livehelperchat

Vulnerabilities (29)

  • CVE-2022-1530Apr 29, 2022
    affected < 3.99.0fixed 3.99.0

    Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.

  • CVE-2022-0935Apr 7, 2022
    affected < 3.97.0fixed 3.97.0

    Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.

  • CVE-2022-1234Apr 6, 2022
    affected < 3.97.0fixed 3.97.0

    XSS in livehelperchat in GitHub repository livehelperchat/livehelperchat prior to 3.97. This vulnerability has the potential to deface websites, result in compromised user accounts, and can run malicious code on web pages, which can lead to a compromise of the user’s device.

  • CVE-2022-1235Apr 5, 2022
    affected < 3.96.0fixed 3.96.0

    Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2022-1213Apr 5, 2022
    affected < 3.97.0fixed 3.97.0

    SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191

  • CVE-2022-1176Mar 31, 2022
    affected < 3.96.0fixed 3.96.0

    Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2022-1191Mar 31, 2022
    affected < 3.96.0fixed 3.96.0

    SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.

  • CVE-2022-0612Feb 16, 2022
    affected < 3.92.0fixed 3.92.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0502Feb 6, 2022
    affected < 3.92.0fixed 3.92.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0395Jan 28, 2022
    affected < 3.93.0fixed 3.93.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0394Jan 28, 2022
    affected < 3.93.0fixed 3.93.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0375Jan 26, 2022
    affected < 3.93.0fixed 3.93.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0374Jan 26, 2022
    affected < 3.93.0fixed 3.93.0

    Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

  • CVE-2022-0266Jan 19, 2022
    affected < 3.92.0fixed 3.92.0

    Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.

  • CVE-2022-0226Jan 14, 2022
    affected < 2.0.0fixed 2.0.0

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2022-0231Jan 14, 2022
    affected < 3.91.0fixed 3.91.0

    livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)

  • CVE-2022-0083Jan 4, 2022
    affected < 3.91.0fixed 3.91.0

    livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information

  • CVE-2021-4175Dec 29, 2021
    affected < 3.91.0fixed 3.91.0

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4176Dec 29, 2021
    affected < 3.91.0fixed 3.91.0

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  • CVE-2021-4179Dec 28, 2021
    affected < 3.91.0fixed 3.91.0

    livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Page 1 of 2