Thewhiteevil/CVE-2025-51396

Releases0

LiveHelperChat <=4.61 - Stored Cross Site Scripting (XSS) via Telegram Bot Username

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51396 ↗	Jul 21, 2025Monday, 21 July 2025, 19:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter.