Vulnerability Description
Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints (holdaction.php, blockuser.php, and transferchat.php) load chat objects by ID without calling `erLhcoreClassChat::hasAccessToRead()`, allowing operators to act on chats in departments they are not assigned to. Operators with the relevant role permissions (holduse, allowblockusers, allowtransfer) can hold, block users from, or transfer chats in departments they are not assigned to. This is a horizontal privilege escalation within one organization. As of time of publication, no known patched versions are available.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Livehelperchat | Live Helper Chat | <= 4.52 |
Related Weaknesses (CWE)
References
- https://github.com/LiveHelperChat/livehelperchat/security/advisories/GHSA-87wc-2MitigationVendor Advisory
FAQ
What is CVE-2026-27954?
CVE-2026-27954 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints (holdaction.php, blockuser.php, and transferchat.p...
How severe is CVE-2026-27954?
CVE-2026-27954 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-27954?
Check the references section above for vendor advisories and patch information. Affected products include: Livehelperchat Live Helper Chat.