CVE-2025-47667 is a Cross-Site Request Forgery (CSRF) vulnerability identified in the qusupport LiveAgent product, affecting versions up to and including 4.4.7. CSRF vulnerabilities occur when an attacker tricks an authenticated user into submitting a forged request to a web application in which the user is currently authenticated. This can result in unauthorized actions being performed on behalf of the user without their consent. In this case, the vulnerability allows an attacker to craft malicious requests that, when executed by a logged-in LiveAgent user, could lead to unintended changes or actions within the LiveAgent system. The CVSS 3.1 base score of 5.4 indicates a medium severity level, with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L showing that the attack can be performed remotely over the network without privileges but requires user interaction (e.g., clicking a link). The impact affects the integrity and availability of the system, potentially allowing attackers to alter data or disrupt service, but does not compromise confidentiality. No known exploits are currently reported in the wild, and no patches have been linked yet. The vulnerability is classified under CWE-352, which is a common web security weakness related to CSRF attacks.

For European organizations using qusupport LiveAgent, this vulnerability poses a risk of unauthorized actions being executed within their customer support or ticketing environments. Such unauthorized actions could include modifying tickets, changing configurations, or disrupting service availability, which can degrade operational efficiency and customer trust. While the confidentiality of data is not directly impacted, the integrity and availability of support services could be compromised, potentially leading to service disruptions or erroneous handling of customer requests. This could have regulatory implications under GDPR if service disruptions affect customer data processing or availability. Additionally, organizations with high reliance on LiveAgent for customer interaction may experience reputational damage if attackers exploit this vulnerability to cause service anomalies or data integrity issues.

Organizations should implement strict anti-CSRF protections such as synchronizer tokens or double-submit cookies within their LiveAgent deployments. Since no official patches are currently available, administrators should consider applying web application firewalls (WAFs) with rules designed to detect and block CSRF attack patterns targeting LiveAgent endpoints. User education is also critical to reduce the risk of users clicking on malicious links that could trigger CSRF attacks. Restricting the use of LiveAgent administrative interfaces to trusted networks or VPNs can reduce exposure. Monitoring and logging unusual user actions within LiveAgent can help detect potential exploitation attempts. Once patches become available from qusupport, prompt application is essential. Additionally, organizations should review session management and ensure that session tokens are rotated and invalidated appropriately to limit the window of opportunity for CSRF attacks.