Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat


Reported on

Aug 24th 2021

✍️ Description

stored xss XMP configuration

🕵️‍♂️ Proof of Concept

Plz check this 1 minute video to reproduce the bug

💥 Impact

xss bug allow to execute arbitary javascript code


We have contacted a member of the livehelperchat team and are waiting to hear back 3 months ago
Remigijus Kiminas validated this vulnerability 3 months ago
ranjit-git has been awarded the disclosure bounty
The fix bounty is now up for grabs
Remigijus Kiminas confirmed that a fix has been merged on f7584a 3 months ago
The fix bounty has been dropped