CVE-2022-1530: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

April 30, 2022 (updated May 3, 2022)

Cross-site Scripting (XSS) in GitHub repository livehelperchat/livehelperchat prior to 3.99v. Attacker can execute malicious JS on Application :)

References

github.com/advisories/GHSA-9hgc-wpc5-v8p9
github.com/livehelperchat/livehelperchat/commit/edef7a8387be718d0de2dfd1e722789afb0461bc
huntr.dev/bounties/8fd8de01-7e83-4324-9cc8-a97acb9b70d6
nvd.nist.gov/vuln/detail/CVE-2022-1530

Code Behaviors & Features

Detect and mitigate CVE-2022-1530 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →