Host Header injection in password Reset in livehelperchat/livehelperchat
Mar 11th 2022
The password reset uses $_SERVER['HTTP_HOST'] to generate the password without any checks or filtering. Allowing a malicious attacker to generate a fake password reset link to steal password reset tokens which may lead to account takeover
Awesome, i did reproduced it in mine, here are some poc's just in case you need it
This was fixed. But seems some bug in hunter as I can't confirm a fix :D https://doc.livehelperchat.com/docs/security https://github.com/LiveHelperChat/livehelperchat/commit/ce96791cb4c7420266b668fc234c211914259ba7
@admin I'm a maintainer and I can't close the issue why?
@remdex - we have slightly adjusted our UI. You should be able to confirm the fix using the drop-down below.
You should see
mark as fixed? Let me know if you are still having issues 👍