Vulnerability Database
Blog
FAQ
Docs
CVE-2020-26135
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-26135
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26135.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-26135
Aliases
BIT-livehelperchat-2020-26135
Published
2020-10-02T09:15:14Z
Modified
2025-01-15T01:45:11.681149Z
Severity
6.1 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
[none]
Details
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
References
https://livehelperchat.com/3.44v-security-update-and-few-other-bits-586a.html
https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63
https://github.com/LiveHelperChat/livehelperchat/commit/a131b937dd6a87271ed1c0c8b8deb8710cf78f58
https://github.com/rekter0/exploits/tree/master/CVE-2020-26134
Affected packages
Git
/
github.com/livehelperchat/livehelperchat
Affected ranges
Type
GIT
Repo
https://github.com/livehelperchat/livehelperchat
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
a131b937dd6a87271ed1c0c8b8deb8710cf78f58
Fixed
a131b937dd6a87271ed1c0c8b8deb8710cf78f58
Affected versions
1.*
1.60
1.74
1.81
1.82
1.83
1.84
1.85
1.86
1.87
1.88
1.89
1.90
1.91
1.93
1.94
1.95
1.98
2.*
2.0
2.01v
2.02v
2.06v
2.07v
2.10v
2.11v
2.13v
2.15v
2.16v
2.17v
2.20v
2.22v
2.24v
2.25v
2.26v
2.27v
2.28v
2.29v
2.30v
2.31v
2.32v
2.33v
2.34v
2.35v
2.36v
2.37v
2.38v
2.39v
2.40v
2.41v
2.42v
2.43v
2.45v
2.46v
2.47v
2.48v
2.49v
2.50v
2.51v
2.52v
2.53v
2.54v
2.56v
2.57v
2.58v
2.60v
2.61v
2.62v
2.63v
2.64v
2.65v
2.66v
2.67v
2.68v
2.69.1v
2.69v
2.70v
2.71v
2.72v
2.73v
2.74v
2.75v
2.76v
2.77v
2.78v
2.79v
2.80v
2.81v
2.82v
2.83v
2.84v
2.85v
2.86v
2.87v
2.88v
2.90v
2.91v
2.92v
2.93v
2.94v
2.95v
2.96v
2.97v
2.98v
2.99v
3.*
3.00v
3.01v
3.02v
3.03v
3.04v
3.05v
3.06v
3.07v
3.08v
3.09v
3.10v
3.11v
3.12v
3.13v
3.14v
3.15v
3.16v
3.17v
3.18v
3.19v
3.20v
3.21v
3.22v
3.23v
3.24v
3.25v
3.26v
3.27.0v
3.27v
3.28v
3.29v
3.30v
3.31v
3.32v
3.33v
3.35v
3.36v
3.37v
3.38v
3.39v
3.40v
3.41v
3.42v
CVE-2020-26135 - OSV