Livehelperchat: >> Live Helper Chat >> 3.97 Security Vulnerabilities
Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.
CVSS Score
9.8
EPSS Score
0.042
Published
2024-02-29
Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. The attacker can execute malicious JavaScript on the application.
CVSS Score
3.8
EPSS Score
0.002
Published
2022-04-29