GHSA-5cmw-fhq9-8fhh

Source

https://github.com/advisories/GHSA-5cmw-fhq9-8fhh

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5cmw-fhq9-8fhh/GHSA-5cmw-fhq9-8fhh.json

JSON Data

https://api.test.osv.dev/v1/vulns/GHSA-5cmw-fhq9-8fhh

Aliases

Published

2022-04-01T00:00:40Z

Modified

2023-12-06T00:46:49.066593Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

Type Confusion in LiveHelperChat

Details

Live Helper Chat provides live support for your website. Loose comparison causes IDOR on multiple endpoints in LiveHelperChat prior to 3.96. There is a fix released in versions 3.96 and 3.97. Currently, there is no known workaround.

Database specific

{
    "nvd_published_at": "2022-03-31T10:15:00Z",
    "github_reviewed_at": "2022-04-01T19:41:31Z",
    "severity": "HIGH",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-843"
    ]
}

References

Affected packages

Packagist / remdex/livehelperchat

Package

Name: remdex/livehelperchat
Purl: pkg:composer/remdex/livehelperchat

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.96

Affected versions

1.*

1.74

1.81

1.82

1.83

1.84

1.85

1.86

1.87

1.88

1.89

1.90

1.91

1.93

1.94

1.95

1.98

2.*

2.0