Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
CVE-2022-0387

6.3MEDIUM

Key Information:

Vendor

Livehelperchat

Status
Livehelperchat/livehelperchat
Vendor
CVE Published:
27 January 2022

What is CVE-2022-0387?

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

Affected Version(s)

livehelperchat/livehelperchat < 3.93v

References

https://huntr.dev/bounties/2e09035b-8f98-4930-b7e8-7abe5f...
x_refsource_CONFIRM
https://github.com/livehelperchat/livehelperchat/commit/f...
x_refsource_MISC

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.