CVE-2025-51401
BaseFortify
Publication date: 2025-07-21
Last updated on: 2025-08-07
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| livehelperchat | live_helper_chat | to 4.61 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stored Cross-Site Scripting (XSS) issue in Live Helper Chat versions up to 4.61. It occurs because the application does not properly sanitize input in the operator name field. An attacker can inject malicious JavaScript code into this field, which is then stored and executed later when a chat is transferred to another operator. This allows the attacker to run arbitrary scripts in the victim operator's browser. [1]
How can this vulnerability impact me? :
The vulnerability can lead to arbitrary JavaScript execution in the context of the victim operator's browser. This can result in session hijacking, data theft, or other malicious actions performed by the attacker, potentially compromising the security and integrity of the chat system and sensitive information. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking if any operator names in Live Helper Chat contain suspicious or crafted payloads such as HTML or JavaScript code. For example, look for operator names containing strings like "><img src= or onerror= which indicate possible XSS payloads. Since the vulnerability involves stored XSS in the operator name field, you can query the database or use the application interface to review operator names for such payloads. Specific commands depend on your environment, but for example, if you have database access, you could run a SQL query like: SELECT operator_name FROM operators WHERE operator_name LIKE '%<img%' OR operator_name LIKE '%onerror=%'; This helps identify injected scripts. Additionally, monitoring chat transfer events for unexpected script execution or unusual browser prompts can help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade Live Helper Chat to version 4.61 or later, where this vulnerability has been patched. Until the upgrade is applied, avoid transferring chats between operators with untrusted or unknown operator names, and review and sanitize operator name inputs to remove any malicious scripts. Additionally, restrict operator permissions to prevent unauthorized changes to operator names and monitor for suspicious activity related to chat transfers. [1]