Browse all 34 CVE security advisories affecting livehelperchat. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LiveHelperChat is an open-source live support platform designed to facilitate real-time customer communication through web-based chat interfaces. Its architecture, primarily built on PHP, has historically exposed it to a significant volume of security issues, with thirty-four Common Vulnerabilities and Exposures (CVEs) currently recorded. The most prevalent vulnerability classes include Cross-Site Scripting (XSS), SQL Injection, and Remote Code Execution (RCE), often stemming from insufficient input validation and improper access controls. These flaws frequently allow attackers to execute arbitrary commands, steal session data, or escalate privileges within the application environment. While the project maintains an active development cycle to address these defects, the high count of past incidents highlights the challenges inherent in managing complex, community-driven codebases. Users are advised to prioritize regular updates and strict configuration hardening to mitigate the risk of exploitation against these known weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7435 | LiveHelperChat lhc-php-resque Extension List list cross site scripting — lhc-php-resque ExtensionCWE-79 | 3.5 | Low | 2025-07-11 |
This page lists every published CVE security advisory associated with livehelperchat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.