XSS in Livehelperchat

CVE-2026-0483

Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's c…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (25.6th percentile) — read the EPSS interpretation.