CVE - CVE-2024-30252

CVE-ID
CVE-2024-30252	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is a request where the cookies of the browser are sent along with the request. The `subscribe.js` script uses the first parameter from the current URL location as the URL of the RSS feed to subscribe to and checks that the RSS feed is valid XML. `subscribe.js` is accessible by an attacker website due to its use in `subscribe.html`, an HTML page that is declared as a `web_accessible_resource` in `manifest.json`. This issue may lead to `Privilege Escalation`. A CSRF breaks the integrity of servers running on a private network. A user of the browser extension may have a private server with dangerous functionality, which is assumed to be safe due to network segmentation. Upon receiving an authenticated request instantiated from an attacker, this integrity is broken. Version 3.7 fixes this issue by removing subscribe.html from `web_accessible_resources`.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/manifest.json#L4 URL:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/manifest.json#L4 MISC:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/pages/subscribe/subscribe.js#L52 URL:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/pages/subscribe/subscribe.js#L52 MISC:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/shared/feed-parser.js#L5 URL:https://github.com/nt1m/livemarks/blob/9c5233c82aa2f7c8bac348a08ff52881b00c4f95/shared/feed-parser.js#L5 MISC:https://github.com/nt1m/livemarks/commit/1bcf39f6e91f7352301013f8feac6d488719450f URL:https://github.com/nt1m/livemarks/commit/1bcf39f6e91f7352301013f8feac6d488719450f MISC:https://github.com/nt1m/livemarks/security/advisories/GHSA-3gg9-w4fm-jjcg URL:https://github.com/nt1m/livemarks/security/advisories/GHSA-3gg9-w4fm-jjcg
Assigning CNA
GitHub (maintainer security advisories)
Date Record Created
20240326	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240326)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)