8 matches found
CVE-2024-30252
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252
Livemarks up to version 3.7 is affected by a CSRF vulnerability where a malicious site can coerce the extension to perform an authenticated GET to an arbitrary URL via subscribe.js; this is possible because subscribe.html is a web_accessible_resource. The issue can compromise data integrity on pr...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
Livemarks 跨站请求伪造漏洞
Livemarks is an extension to restore the RSS feed Livemarks in Firefox by Tim Nguyen, a personal developer. A security vulnerability exists in Livemarks versions prior to 3.7, which stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerabili...
PT-2024-23299 · Livemarks · Livemarks
Name of the Vulnerable Software and Affected Versions: Livemarks versions prior to 3.7 Description: The issue allows a malicious website to coerce the extension into sending an authenticated GET request to an arbitrary URL, potentially leading to Privilege Escalation. This occurs because the...