GSA_kwCzR0hTQS1jN2ZtLWp4NTktd2pmNs0lQA

Moderate EPSS: 0.00303% (0.5314 Percentile) EPSS:

Permalink JSON

Authorization Bypass Through User-Controlled Key in LiveHelperChat

Affected Packages	Affected Versions	Fixed Versions
packagist:remdex/livehelperchat	< 3.92	3.92
0 Dependent packages 5 Dependent repositories 372 Downloads total Affected Version Ranges All affected versions All unaffected versions

Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-0266
https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd
https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b
https://github.com/advisories/GHSA-c7fm-jx59-wjf6

Identifiers

GHSA-c7fm-jx59-wjf6

CVE-2022-0266

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00303

EPSS Percentile: 0.5314

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/livehelperchat/livehelperchat

Date and time

Published

over 3 years ago

Updated

over 2 years ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories