PT-2022-13135 · Remdex · Livehelperchat

Published: 2022-01-26 · Updated: 2024-03-06 · CVE-2022-0374

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

remdex/livehelperchat versions prior to 3.93v

Description

The issue is a Stored Cross-site Scripting (XSS) vulnerability in the new form creation flow: a new form can be given a title that will render JavaScript. This allows for the potential execution of malicious scripts.

Recommendations

For versions prior to 3.93v, update to version 3.93v or later to resolve the issue. As a temporary workaround, consider restricting the ability to create new forms or limiting the input allowed for form titles to prevent the execution of JavaScript code.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

BIT-LIVEHELPERCHAT-2022-0374
CVE-2022-0374
GHSA-59QH-G7M4-J9M9

Affected Products

Livehelperchat