CVE-2022-0266
MEDIUMPackagist remdex/livehelperchat <3.92v - Auth Bypass
Title source: llmDescription
Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v.
References (2)
Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b
Patch, Third Party Advisory x_refsource_misc
https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd
Scores
CVSS v3
6.6
EPSS
0.0030
EPSS Percentile
53.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-639
Status
published
Products (2)
livehelperchat/live_helper_chat
< 3.92
remdex/livehelperchat
0 - 3.92Packagist
Published
Jan 19, 2022
Tracked Since
Feb 18, 2026