Vulnerability Description
Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload, which will be executed in the user's context when they download and open the file via the link generated by the application. The vulnerability allows arbitrary JavaScript code to be executed in the user's local context.
Related Weaknesses (CWE)
References
FAQ
What is CVE-2026-0483?
CVE-2026-0483 is a documented vulnerability. Stored Cross-Site Scripting (XSS) vulnerability in the PDF file upload functionality of Live Helper Chat, versions prior to 4.72. An attacker can upload a malicious PDF file containing an XSS payload,...
How severe is CVE-2026-0483?
CVSS scoring is not yet available for CVE-2026-0483. Check NVD for updates.
Is there a patch for CVE-2026-0483?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.