CVE-2022-0266

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions remdex/livehelperchat versions prior to 3.92v

Description The issue is related to an authorization bypass through a user-controlled key. This allows unauthorized access, potentially leading to security breaches. The estimated number of affected devices and real-world incidents are not specified.

Recommendations For versions prior to 3.92v, update to version 3.92v or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application until the update is applied.

Exploit

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

BIT-LIVEHELPERCHAT-2022-0266

CVE-2022-0266

GHSA-C7FM-JX59-WJF6

Affected Products

Livehelperchat

CVE-2022-0266

Weakness Enumeration

Related Identifiers

Affected Products

References · 9