CVE-2018-10810

Name: CVE-2018-10810
Creator: NVD / NIST
Published: 2018-05-16T13:29:00.467+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.62%

Last modified Jun 17, 2026

CVE-2018-10810 is a vulnerability of currently unknown severity. chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header.. EPSS estimates a 0.62% chance of exploitation in the next 30 days.

Description

chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header.

Metrics

EPSS Probability

0.62%

45.0th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions
Livezilla	Livezilla	<= 7.0.9.5

References

https://chat.livezilla.net/ticket.php?id=93482&hash=DE9C7230EA79&salt=e98942058530ead9b4f481f4d54b1f17Issue Tracking, Vendor Advisory
https://chat.livezilla.net/ticket.php?id=93482&hash=DE9C7230EA79&salt=e98942058530ead9b4f481f4d54b1f17Issue Tracking, Vendor Advisory

Timeline

Published: May 16, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2018-10810?

chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header.

How severe is CVE-2018-10810?

Severity scoring for CVE-2018-10810 is pending analysis. The EPSS model estimates a 0.62% probability of exploitation in the next 30 days.

How do I fix CVE-2018-10810?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-10810?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST