CVE-2024-27516: livehelperchat Server-Side Template Injection

February 29, 2024

livehelperchat 4.28v is vulnerable to Server-Side Template Injection (SSTI).

References

github.com/LiveHelperChat/livehelperchat
github.com/LiveHelperChat/livehelperchat/commit/a61d231526a36d4a7d8cc957914799ee1f9db0ab
github.com/LiveHelperChat/livehelperchat/issues/2054
github.com/advisories/GHSA-v4cp-2q7v-hg9q
nvd.nist.gov/vuln/detail/CVE-2024-27516

Code Behaviors & Features

Detect and mitigate CVE-2024-27516 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →