Closed
Bug 174564
Opened 22 years ago
Closed 22 years ago
When replying to a text message that contains HTML/JS/CSS code this code is executed instead of being quoted ! (security risk ?)
Categories
(MailNews Core :: Composition, defect)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 173953
People
(Reporter: pascalc, Assigned: bugzilla)
Details
Build 2002101412 WinXP, tested with a new profile. 1 Send to yourself a text email that contains code such as hello, <h1>this is a test</h1> 2 download this email and reply to it expected result: ---- >hello, ><h1>this is a test</h1> here is my reply ---- actual result: ----- >hello, >THIS IS A TEST here is my reply ----- the "This is a test" part is displayed as HTML Note that I do not compose in HTML format and that I have Mozilla display messages as text only.
Comment 1•22 years ago
|
||
This should be fixed in the next day or so... *** This bug has been marked as a duplicate of 173953 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Updated•20 years ago
|
Product: MailNews → Core
Updated•16 years ago
|
Product: Core → MailNews Core
You need to log in
before you can comment on or make changes to this bug.
Description
•