Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

Valid

Reported on

Jan 27th 2022


Description

Stored XSS is found in Settings>Live help configuration>Departments->Departments groups->edit When a user creates a new webhook under the NAME field and puts a payload {{constructor.constructor('alert(1)')()}}, the input gets stored, at user edit groupname , the payload gets executed.

Proof of Concept

https://drive.google.com/file/d/1V2dbaOS_h5HCab-C0KUaXOmaurZABVeE/view?usp=sharing

Impact

Through this vulnerability, an attacker is capable to execute malicious scripts.

References

We are processing your report and will contact the livehelperchat team within 24 hours. 2 years ago
Remigijus Kiminas validated this vulnerability 2 years ago
LoveCpp has been awarded the disclosure bounty
The fix bounty is now up for grabs
Remigijus Kiminas marked this as fixed in 3.93v with commit ff70c7 2 years ago
The fix bounty has been dropped
This vulnerability will not receive a CVE
to join this conversation