PT-2024-23299 · Livemarks · Livemarks

Author: Kwstubbs · Published: 2024-04-04 · Updated: 2025-08-27

CVE-2024-30252
CVSS v3.1: 2.6 (Low)
Vector: AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Livemarks versions prior to 3.7

Description: The issue allows a malicious website to coerce the extension into sending an authenticated GET request to an arbitrary URL, potentially leading to Privilege Escalation. This occurs because the subscribe.js script uses the first parameter from the current URL location as the URL of the RSS feed to subscribe to, and the script is reachable from any web page because subscribe.html, which loads it, is declared as a web accessible resource in manifest.json. This breaks the integrity of servers running on a private network: a user of the browser extension may have a private server with dangerous functionality that is assumed to be safe because of network segmentation, and a request issued by the extension reaches that server from inside the network.

Recommendations: For versions prior to 3.7, update to version 3.7, which fixes the issue by removing subscribe.html from web accessible resources. As a temporary workaround, consider restricting access to the subscribe.js script until the update is applied.
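The fix described above is a manifest change: once subscribe.html is no longer listed under web_accessible_resources, an ordinary web page can no longer open it and feed it a URL parameter. The following is an added example, not Livemarks' own code or manifest, showing how a reviewer can audit a manifest for exactly this exposure. It handles both the Manifest V2 shape (a flat array of paths) and the Manifest V3 shape (objects with a `resources` array). The three manifests are constructed for the example; only the file name subscribe.html comes from the advisory, and the helper name `exposedHtmlPages` is hypothetical.

```javascript
// Added example (not the Livemarks project's code): list the HTML documents an
// extension exposes to arbitrary websites via web_accessible_resources.
// Script running in such a page must treat URL parameters as attacker-controlled,
// because any site can open the page with parameters of its choosing.

// Constructed MV2 manifest modelled on the vulnerable state: subscribe.html is
// web accessible, so any website can load it with a feed URL in the query string.
const manifestBefore = {
  manifest_version: 2,
  name: "feed-reader (hypothetical)",
  version: "3.6",
  web_accessible_resources: ["subscribe.html", "icons/feed.svg"],
};

// Constructed MV2 manifest modelled on the fixed state: only a static icon is exposed.
const manifestAfter = {
  manifest_version: 2,
  name: "feed-reader (hypothetical)",
  version: "3.7",
  web_accessible_resources: ["icons/feed.svg"],
};

// Constructed MV3 manifest: same exposure expressed in the V3 object form.
const manifestMv3 = {
  manifest_version: 3,
  name: "feed-reader (hypothetical)",
  version: "4.0",
  web_accessible_resources: [
    { resources: ["subscribe.html", "icons/feed.svg"], matches: ["<all_urls>"] },
  ],
};

// Return every web-accessible entry that is an HTML document or a wildcard
// (a wildcard such as "*" or "pages/*" exposes whatever HTML sits behind it).
function exposedHtmlPages(manifest) {
  const entries = Array.isArray(manifest.web_accessible_resources)
    ? manifest.web_accessible_resources
    : [];
  const resources = [];
  for (const entry of entries) {
    if (typeof entry === "string") {
      resources.push(entry); // MV2: plain path
    } else if (entry && Array.isArray(entry.resources)) {
      resources.push(...entry.resources); // MV3: { resources: [...], matches: [...] }
    }
  }
  return resources.filter((r) => /\.html?$/i.test(r) || r.includes("*"));
}

// Stand-alone usage: print the findings for each constructed manifest.
for (const [label, m] of [
  ["before fix", manifestBefore],
  ["after fix", manifestAfter],
  ["mv3 form", manifestMv3],
]) {
  console.log(label, "->", JSON.stringify(exposedHtmlPages(m)));
}
```

Any path the audit reports deserves a second look at the script the page loads: if that script turns a query-string value into a request, the request is effectively cross-site-triggerable, which is the pattern this advisory describes. Removing the page from web_accessible_resources, as version 3.7 does, closes the entry point without changing the script itself.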

Exploit · Fix · LPE · CSRF

Weakness Enumeration

Related Identifiers: CVE-2024-30252, GHSA-3GG9-W4FM-JJCG

Affected Products: Livemarks