Bitnami package
livehelperchat
pkg:bitnami/livehelperchat
Vulnerabilities (29)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4177 | — | < 3.91.0 | 3.91.0 | Dec 28, 2021 | livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information | ||
| CVE-2021-4169 | — | < 3.90.0 | 3.90.0 | Dec 26, 2021 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||
| CVE-2021-4131 | — | < 2.0.0 | 2.0.0 | Dec 18, 2021 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||
| CVE-2021-4132 | — | < 3.90.0 | 3.90.0 | Dec 17, 2021 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||
| CVE-2021-4123 | — | < 2.0.0 | 2.0.0 | Dec 16, 2021 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||
| CVE-2021-4050 | — | — | — | Dec 8, 2021 | livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||
| CVE-2021-4049 | — | < 2.0.0 | 2.0.0 | Dec 7, 2021 | livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | ||
| CVE-2020-26135 | — | < 3.44.0 | 3.44.0 | Oct 2, 2020 | Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO. | ||
| CVE-2020-26134 | — | < 3.44.0 | 3.44.0 | Oct 2, 2020 | Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode. |
- CVE-2021-4177Dec 28, 2021affected < 3.91.0fixed 3.91.0
livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information
- CVE-2021-4169Dec 26, 2021affected < 3.90.0fixed 3.90.0
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2021-4131Dec 18, 2021affected < 2.0.0fixed 2.0.0
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2021-4132Dec 17, 2021affected < 3.90.0fixed 3.90.0
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2021-4123Dec 16, 2021affected < 2.0.0fixed 2.0.0
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2021-4050Dec 8, 2021
livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE-2021-4049Dec 7, 2021affected < 2.0.0fixed 2.0.0
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
- CVE-2020-26135Oct 2, 2020affected < 3.44.0fixed 3.44.0
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
- CVE-2020-26134Oct 2, 2020affected < 3.44.0fixed 3.44.0
Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
Page 2 of 2