8 matches found
CVE-2024-30252
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252 GitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...
CVE-2024-30252
Livemarks up to version 3.7 is affected by a CSRF vulnerability where a malicious site can coerce the extension to perform an authenticated GET to an arbitrary URL via subscribe.js; this is possible because subscribe.html is a web_accessible_resource. The issue can compromise data integrity on pr...
Livemarks 跨站请求伪造漏洞
Livemarks is an extension to restore the RSS feed Livemarks in Firefox by Tim Nguyen, a personal developer. A security vulnerability exists in Livemarks versions prior to 3.7, which stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerabili...
PT-2024-23299 · Livemarks · Livemarks
Name of the Vulnerable Software and Affected Versions: Livemarks versions prior to 3.7 Description: The issue allows a malicious website to coerce the extension into sending an authenticated GET request to an arbitrary URL, potentially leading to Privilege Escalation. This occurs because the...