Cross-Site Scripting Vulnerability in Live Helper Chat by Live Helper Chat
CVE-2017-1000059

6.1MEDIUM

Key Information:

Vendor: Livehelperchat
Status: Live Helper Chat
Vendor: CVE Published:; 17 July 2017

🔔 Create Livehelperchat Vulnerability Alert

What is CVE-2017-1000059?

Live Helper Chat versions 2.06v and earlier are susceptible to a Cross-Site Scripting vulnerability due to improper handling of HTTP headers. This flaw allows attackers to inject and execute arbitrary JavaScript code within the browsers of other users, potentially compromising their sessions and confidential information. Administrators are advised to upgrade to the latest version to mitigate this risk.

References

https://www.compass-security.com/research/advisories/

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2017
Vulnerability Reserved
Jul 10, 2017

CVE-2017-1000059 Data

JSON