Vulnerability Database

300,991

Total vulnerabilities in the database

CVE-2025-51403

A stored cross-site scripting (XSS) vulnerability in the department assignment editing module of of Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Alias Nick parameter.

Published: Jul 21, 2025
Updated: Aug 8, 2025
CVE: CVE-2025-51403
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
livehelperchat / live_helper_chat	-	4.61.x

https://github.com/LiveHelperChat/livehelperchat/pull/2228/commits/2056503ad96e04467ec9af8d827109b9b9b46223
https://github.com/Thewhiteevil/CVE-2025-51403
https://www.dropbox.com/scl/fi/w7mur1fo4jb3harpx6om9/2025-05-08-21-38-14.mp4?rlkey=cpf5omg95tikzwno2u99thf3v&st=2xgfedgo&dl=0

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo