EUVD-2019-4537

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

LiveZilla Server versions before 8.0.1.1 are vulnerable to XSS via Accept-Language HTTP header.

Reporter	Title	Published	Views	Family All 14
0day.today	LiveZilla Server 8.0.1.0 - (Accept-Language) Reflected XSS Vulnerability	19 Mar 202100:00	–	zdt
Circl	CVE-2019-12962	15 Jan 202409:19	–	circl
CNVD	LiveZilla Server Cross-Site Scripting Vulnerability (CNVD-2019-21246)	26 Jun 201900:00	–	cnvd
CVE	CVE-2019-12962	25 Jun 201912:55	–	cve
Cvelist	CVE-2019-12962	25 Jun 201912:55	–	cvelist
Exploit DB	LiveZilla Server 8.0.1.0 - 'Accept-Language' Reflected XSS	19 Mar 202100:00	–	exploitdb
Nuclei	LiveZilla Server 8.0.1.0 - Cross-Site Scripting	24 Jun 202603:02	–	nuclei
NVD	CVE-2019-12962	25 Jun 201913:15	–	nvd
OpenVAS	LiveZilla < 8.0.1.2 Multiple XSS Vulnerabilities	2 Jul 201900:00	–	openvas
OSV	CVE-2019-12962	25 Jun 201913:15	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "a90e57b7-f155-3e71-8ebe-c3ee98d09401",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "6be5cdeb-e373-3c70-98f8-f8d6e3e1d984",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2019-12962
forums	www.forums.livezilla.net/index.php
packetstormsecurity	www.packetstormsecurity.com/files/161867/LiveZilla-Server-8.0.1.0-Cross-Site-Scripting.html
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.1

CVSS 24.3

EPSS0.09052