Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-9hgc-wpc5-v8p9: An attacker can execute malicious javascript in Live Helper Chat

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. Attacker can execute malicious javascript on application.

ghsa
#xss#git#java

An attacker can execute malicious javascript in Live Helper Chat

Low severity GitHub Reviewed Published Apr 30, 2022 • Updated May 3, 2022

Related news

GHSA-66vw-v2x9-hw75: Podman publishes a malicious image to public registries

Podman is a tool for managing OCI containers and pods. A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem, leading to information disclosure or denial of service.