Maher-Amara / livezilla-server

LiveZilla includes a live chat software with multi-website support, visitor monitoring and a help desk system that allows you to not only integrate emails that you receive from customers but also messages from Twitter and Facebook in your ticket system.
https://maher-amara.github.io/livezilla-server/
MIT License
34 stars 22 forks source link

Is this updated? #2

Open onfire-d opened 1 year ago

onfire-d commented 1 year ago

Hi,

I've just seen this, and I'm amazed since I've always used livezilla, but after they shut down since there was not any updated there were security issues, are they fixed on this?

TheWebMachine commented 1 year ago

Which security issues, specifically, are you referring to? (CVEs, if you'd be so kind)

onfire-d commented 1 year ago

This ones https://www.cvedetails.com/vulnerability-list/vendor_id-10386/Livezilla.html

TheWebMachine commented 1 year ago

All except for CVE-2020-9758 should be patched already. That said, trust nothing. Run everything at your own risk and with proper precautions (like running this software on an independent server/cloud instance with no other data/network access). None of us here are gonna take responsibility if you get hacked and the original company is long gone, so this may never be patched again. 🤷🏻‍♂️

aiso-net commented 1 year ago

Wasn't CVE-2020-9758 patched in 8.0.1.9?

TheWebMachine commented 1 year ago

You're right. I misread the version info in the CVE. The rest of my warning still applies. 🤷🏻‍♂️

Focuslinkstech commented 1 year ago

Just run and install at your own risk

Focuslinkstech commented 1 year ago

All except for CVE-2020-9758 should be patched already. That said, trust nothing. Run everything at your own risk and with proper precautions (like running this software on an independent server/cloud instance with no other data/network access). None of us here are gonna take responsibility if you get hacked and the original company is long gone, so this may never be patched again. 🤷🏻‍♂️

👆

TalhaXero commented 1 year ago

Anyone has the license key?