PT-2025-30334 · Unknown · Livehelperchat
Manojkumar J
·
Published
2025-07-21
·
Updated
2025-08-07
·
CVE-2025-51403
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Live Helper Chat version 4.60
Description
A stored cross-site scripting (XSS) vulnerability exists in the department assignment editing module. Attackers can execute arbitrary web scripts or HTML by injecting a crafted payload into the
Alias Nick parameter.Recommendations
Apply updates to Live Helper Chat version 4.60 to address the issue.
As a temporary workaround, sanitize user input for the
Alias Nick parameter to prevent the injection of malicious scripts.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Livehelperchat