Crafty Syntax Live Help » Crafty Syntax Live Help : Security Vulnerabilities, CVEs,
Cross-site scripting (XSS) vulnerability in livehelp_js.php in Crafty Syntax Live Help (CSLH) 2.14.6 allows remote attackers to inject arbitrary web script or HTML via the department parameter.
Max CVSS
4.3
EPSS Score
0.19%
Published
2008-08-07
Updated
2017-08-08
Multiple cross-site scripting (XSS) vulnerabilities in Crafty Syntax Live Help (CSLH) before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) livehelp.php, (2) user_questions.php, and (3) leavemessage.php. NOTE: the lostsheep.php vector is covered by CVE-2008-0848.
Max CVSS
4.3
EPSS Score
0.22%
Published
2008-03-06
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in lostsheep.php in Crafty Syntax Live Help (CSLH) before 2.14.16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the versions claimed by the original researcher are probably incorrect.
Max CVSS
4.3
EPSS Score
0.27%
Published
2008-02-21
Updated
2018-10-15
Cross-site scripting (XSS) vulnerability in Crafty Syntax Live Help (CSLH) before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the name field of a livehelp or chat session.
Max CVSS
4.3
EPSS Score
0.95%
Published
2004-12-31
Updated
2017-07-11
4 vulnerabilities found