Vulnerabilities

CVE-2026-0483 - Stored Cross-Site Scripting (XSS) vulnerability in LiveHelperChat

2026-01-28 0 views admin

CVE ID : CVE-2026-0483 Published : Jan. 28, 2026, 12:15 p.m. | 42 minutes ago Description : Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's context when they download and open the file via the link generated by the application. The vulnerability allows arbitrary JavaScript code to be executed in the user's local context. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-0483

Severity

MEDIUM

Published

Jan. 28, 2026

Attack Vector: local

Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-0483medium

CVE-2026-0483 - Stored Cross-Site Scripting (XSS) vulnerability in LiveHelperChat

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-3134 - itsourcecode News Portal Project edit-category.php sql injection

CVE-2026-3133 - itsourcecode Document Management System Login loging.php sql injection

CVE-2025-46320 - FileMaker WebDirect Cross-Site Scripting (XSS)

CVE-2026-21410 - InSAT MasterSCADA BUK-TS SQL Injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting