Thewhiteevil/CVE-2025-51403

Releases0

LiveHelperChat <=4.61 - Stored Cross Site Scripting (XSS) via Department Assignment Alias Nick Field

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-51403 ↗	Jul 21, 2025Monday, 21 July 2025, 19:15	6.5 MEDIUM	—
A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter.