|Livefyre Comments 3 4.1.4 XSS - VULHUB开源网络安全威胁库

Livefyre Comments 3 4.1.4 XSS

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

Every registered user can change livefyre_site_id and livefyre_site_key. File: livefyre-comments\src\admin\Livefyre_Admin.php ``` function __construct( $lf_core ) { $this->lf_core = $lf_core; $this->ext = $lf_core->ext; add_action( 'admin_menu', array( &$this, 'register_admin_page' ) ); add_action( 'admin_notices', array( &$this, 'lf_install_warning') ); add_action( 'admin_init', array( &$this->lf_core->Admin, 'plugin_upgrade' ) ); add_action( 'admin_init', array( &$this, 'site_options_init' ) ); add_action( 'network_admin_menu', array(&$this, 'register_network_admin_page' ) ); add_action( 'admin_init', array( &$this, 'network_options_init' ) ); add_action( 'network_admin_edit_save_network_options', array($this, 'do_save_network_options'), 10, 0); } function site_options_init() { $name = 'livefyre'; $section_name = 'lf_site_settings'; $settings_section = 'livefyre_site_options'; register_setting( $settings_section, 'livefyre_site_id' ); register_setting( $settings_section,...

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™