Vulnerability Database

300,991

Total vulnerabilities in the database

CVE-2025-51401

A stored cross-site scripting (XSS) vulnerability in the chat transfer function of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the operator name parameter.

Published: Jul 21, 2025
Updated: Aug 8, 2025
CVE: CVE-2025-51401
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
livehelperchat / live_helper_chat	-	4.61.x

https://github.com/LiveHelperChat/livehelperchat/pull/2228/commits/2056503ad96e04467ec9af8d827109b9b9b46223
https://github.com/Thewhiteevil/CVE-2025-51401
https://www.dropbox.com/scl/fi/efzjql0brniphfh5sgrzn/2025-05-09-14-26-26.mp4?rlkey=z4zpec6wsja5xo0ovq0g5g1tt&st=abbp3gtr&dl=0

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo