CVE-2017-15869

Name of the Vulnerable Software and Affected Versions: LiveZilla versions prior to 7.0.8.9

Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the search-for parameter in the knowledgebase.php file.

Recommendations: For versions prior to 7.0.8.9, update to version 7.0.8.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the knowledgebase.php file or avoiding the use of the search-for parameter until the update is applied.