CVE-2022-1191 HIGH

CVE-2022-1191: SSRF on index.php/cobrowse/proxycss/ in livehelperchat/livehelperchat

Vendor Livehelperchat
Product livehelperchat/livehelperchat
Weakness CWE-918 · SSRF
Published March 31, 2022
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

What the vulnerability does

01Description

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to 3.96.

Key dates

02Disclosure timeline

March 31, 2022 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-41084 Response Splitting from unsanitized headers in http4s CVE-2026-27829 Astro is vulnerable to SSRF due to missing allowlist enforcement in remote image inferSize CVE-2026-39361 OpenObserve has a SSRF Protection Bypass via IPv6 Bracket Notation in validate_enrichment_url CVE-2026-1356 Converter for Media – Optimize images | Convert WebP & AVIF <= 6.5.1 - Unauthenticated Server-Side Request Forgery via src CVE-2024-0510 HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery