CNNVD-202507-1608 Information
CNNVD ID
CNNVD-202507-1608
Related CVE
- CNNVD Published: 2025-07-11
Description (Chinese)
Live Helper Chat lhc-php-resque Extension是Live Helper Chat开源的一个扩展软件。 Live Helper Chat lhc-php-resque Extension存在安全漏洞,该漏洞源于参数queue name操作导致跨站脚本。
Description (English)
Live Helper Chat lhc-php-resque Extension is an extension of Live Helper Chat open source. Live Helper Chat lhc-php-resque Extension has a security loophole, which results from the Que name operation of the parameter.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
Live Support
Published
2025-07-11
Last Modified
2026-02-24
References
https://github.com/CodeBrics/lhc-php-resque-exploit/ https://github.com/CodeBrics/lhc-php-resque-exploit/?tab=readme-ov-file#attack-vector https://github.com/LiveHelperChat/lhc-php-resque/commit/542aa8449b5aa889b3a54f419e794afe19f56d5d https://vuldb.com/?ctiid.316005 https://vuldb.com/?id.316005 https://vuldb.com/?submit.609068 https://access.redhat.com/security/cve/cve-2025-7435
Patch
https://github.com/LiveHelperChat/lhc-php-resque/releases
Share on: