Thewhiteevil/CVE-2025-51401

Releases0

LiveHelperChat <=4.61 - Stored Cross Site Scripting (XSS) via Operator Chat Name Field Triggers on Chat Owner Transfer

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51401 ↗	Jul 21, 2025Monday, 21 July 2025, 19:15	5.4 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter.