CVE-2025-51397

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-51397

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-51397.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-51397

Published

2025-07-21T19:15:31.073Z

Modified

2026-04-10T05:29:19.829433Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A stored cross-site scripting (XSS) vulnerability in the Facebook Chat module of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Surname parameter under the Recipient' Lists.

References

Affected packages

Git / github.com/livehelperchat/livehelperchat

Affected ranges

Type

GIT

Repo

https://github.com/livehelperchat/livehelperchat

Events

Introduced

Last affected

8e5f730f1f3adf39ab6c2ad719d8d0393f5df354

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.61"
        }
    ]
}

Affected versions

2.*

2.13v

2.15v

2.16v

2.17v

2.20v

2.25v

2.26v

2.28v

2.29v

2.31v

2.32v

2.33v

2.34v

2.35v

2.36v

2.37v

2.38v

2.39v

2.40v

2.41v

2.42v

2.43v

2.45v

2.46v

2.47v

2.48v

2.49v

2.50v

2.51v

2.52v

2.53v

2.54v

2.56v

2.58v

2.60v

2.63v

2.64v

2.65v

2.66v

2.67v

2.68v

2.69.1v

2.69v

2.70v

2.71v

2.72v

2.73v

2.74v

2.75v

2.76v

2.77v

2.78v

2.79v

2.80v

2.81v

2.82v

2.83v

2.84v

2.86v

2.87v

2.90v

2.91v

2.92v

2.93v

2.94v

2.95v

2.96v

2.97v

2.98v

2.99v

3.*

3.00v

3.01v

3.02v

3.03v

3.04v

3.05v

3.06v

3.07v

3.08v

3.09v

3.10v

3.11v

3.12v

3.13v

3.14v

3.15v

3.16v

3.17v

3.18v

3.19v

3.20v

3.21v

3.22v

3.23v

3.24v

3.26v

3.27.0v

3.27v

3.28v

3.29v

3.30v

3.31v

3.32v

3.33v

3.35v

3.36v

3.37v

3.38v

3.39v

3.40v

3.42v

3.44v

3.45v

3.46v

3.47v

3.48v

3.49v

3.50v

3.51v

3.52v

3.53v

3.54v

3.55v

3.56v

3.57v

3.58v

3.59v

3.60v

3.61v

3.62v

3.63v

3.64v

3.65v

3.66v

3.67v

3.68v

3.69v

3.70v

3.71v

3.72v

3.73v

3.74v

3.75v

3.76v

3.77v

3.78v

3.79v

3.80v

3.81v

3.82v

3.83v

3.84v

3.85v

3.86v

3.87v

3.88v

3.89v

3.90v

3.91v

3.92v

3.93v

3.94v

3.95v

3.96v

3.97v

3.98v

3.99v

4.*

4.00v

4.01v

4.02v

4.03v

4.04v

4.05v

4.06v

4.07v

4.08v

4.09v

4.10v

4.11v

4.12v

4.13v

4.14v

4.15v

4.16v

4.17v

4.18v

4.19v

4.20v

4.21v

4.22v

4.23v

4.24v

4.25v

4.26v

4.27v

4.28v

4.29v

4.30v

4.31v

4.32v

4.33v

4.34v

4.35v

4.36v

4.37v

4.38v

4.39v

4.40v

4.41v

4.42.v

4.42v

4.43v

4.44v

4.45v

4.46v

4.47v

4.48v

4.49v

4.50v

4.51v

4.52v

4.53v

4.54v

4.55v

4.56v

4.57

4.58v

4.59v

4.60v

4.61v

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-51397.json"