Home

Description

A stored cross-site scripting (XSS) vulnerability in Live Helper Chat v4.60 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Telegram Bot Username parameter.

PUBLISHED Reserved 2025-06-16 | Published 2025-07-21 | Updated 2025-07-22 | Assigner mitre

References

www.dropbox.com/...27ywh16uz5uqam0qzweo3p8w&st=eglxeohk&dl=0

github.com/...mmits/2056503ad96e04467ec9af8d827109b9b9b46223

github.com/Thewhiteevil/CVE-2025-51396

cve.org (CVE-2025-51396)

nvd.nist.gov (CVE-2025-51396)

Download JSON