Whiteevil

**Name of the Vulnerable Software and Affected Versions** Live Helper Chat version 4.60 **Description** A stored cross-site scripting (XSS) vulnerability exists in the chat transfer function. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the `operator name` parameter. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.