LiveConfig 2.12.2 vulnerabilities

Two vulnerabilities were found in the LiveConfig – 2.12.2 software. We’ve reported both of them to the software vendor and they were fixed in version 2.13.0

Stores XSS

Description

LiveConfig up to version 2.12.2 is vulnerable to stored Cross-site Scripting due to missing output encoding of search results. An Administrator or Reseller user can store arbitrary JavaScript code as customer data that is executed when displayed via the search function.

Affected Component

/liveconfig/search

Attack Type

Remote

Impact Escalation of Privileges

false

Impact Information Disclosure

false

Attack Vectors

To exploit the vulnerability, an attacker needs Administrator or Reseller accounts

Reference

https://www.liveconfig.com/en/changelog/

Discoverer

Arne Kersting (mgm security partners)

Path traversal

Description

A Path Traversal vulnerability for log files in LiveConfig up to version 2.12.2 allows authenticated attackers to read files on the underlying server.

Affected Component

/liveconfig/hosting/webspace

Attack Type

Remote

Impact Information Disclosure

true

Attack Vectors

To exploit the vulnerability, an attacker needs a user account.

Reference

https://www.liveconfig.com/en/changelog/

Discoverer

Arne Kersting (mgm security partners)