Server-Side Template Injection (SSTI) vulnerability in livehelperchat before 4.34v, allows remote attackers to execute arbitrary code and obtain sensitive information via the search parameter in lhc_web/modules/lhfaq/faqweight.php.
The vulnerability occurs in the 'search' parameter handled by the 'lhc_web/modules/lhfaq/faqweight.php' file. Improperly validated user input is processed by the server-side template engine, which allows injection of malicious template expressions. This results in the interpretation and execution of arbitrary code in the context of the web server process.
An attacker can remotely execute arbitrary code on the server (RCE) without any authentication, as well as gain access to sensitive information stored in the system.
Live Helper Chat should be updated to version 4.34 or newer. The fix was introduced in commit a61d231526a36d4a7d8cc957914799ee1f9db0ab available in the manufacturer's GitHub repository.
Live Helper Chat (livehelperchat) in versions before 4.34
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HLivehelperchat Live Helper Chat
APPLivehelperchat< 4.34
Related vulnerabilities
Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97.
SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker...
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96.
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to...
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.